Mocking Management API

Hello,
In order to make end 2 end tests with the management API, we found that mocking this api is as other api if we know that the “domain” parameter can be expressed with https://domain and not only domain.
In that case, for example, to mock the request token, with something like :

when (
HttpRequest.request()
        .withMethod(POST.name())
        .withPath("/oauth/token")
        .apply {
            withHeaders(
                mapOf(
                    "grant_type" to "client_credentials",
                    "client_id" to "XXXXXXX",
                    "client_secret" to "XXXXXXX",
                    "audience" to "https://xxxx.auth0.com/api/v2/"
                    
                )
            )
        },
Times.once()
).respond(
    HttpResponse.response()
        .withBody("""{
    "access_token": "xxx",
    "scope": "read:users update:users delete:users create:users read:users_app_metadata update:users_app_metadata delete:users_app_metadata create:users_app_metadata create:user_tickets read:connections read:organization_connections",
    "expires_in": 86400,
    "token_type": "Bearer"
}""", UTF_8)
)

Have fun!

Hi @prt,

I’m not sure I understand what you are referring to, but I did edit your post because you leaked a valid management API access token to your tenant.

1 Like