Need help accessing Management API using react-auth0-spa-js

Hi Han.
In general, SPAs can not get a token for the management API v2, unless it’s for one of the scopes that affect the currently logged user (like read:current_user). This is further explained in this document: Get Management API Access Tokens for Single-Page Applications (the one you linked).

The /authorize request mentioned in the doc is the token request. In a SPA you would probably use something like auth0Client.loginWithPopup(params);, to present a popup for the user interaction (to avoid losing the state of the app).
params would be an object where you’d have at least:

{
   "audience":"https://your_auth0_domain/api/v2/",
   "scope": "the desired scopes"
}

remember that an SPA would have the scope limited to those of the currently logged user. If you need more generic access, you’ll need to access it from a backend application that can execute a client-credentials flow to exchange a client ID and client secret for a token (as explained in https://auth0.com/docs/api/management/v2/tokens).

2 Likes