New ManagementClient() refuses to refresh access token

gabriel.mojica · January 29, 2025, 7:22pm

I’m running into an issue with my Next.js backend where when I callnew managementClient() inside a route & then execute an action with it, it returns a message “Expired token received for JSON Web Token validation”. I’m getting the client with domain, clientid, & clientsecret as args & it did work up until today when I started getting this error and can’t get it to disappear.

My first thought was that the small function I created to basically reuse the management client if it already existed to reduce the number of api calls was causing it not be refreshed. However, even after removing that & creating a new management client for each request, that still didn’t fix the issue and I received the same error.

I’m not exactly sure how to fix this since I’ve followed all the docs provided by auth0 so besides going and creating a manual process to refresh the management api token via http request calls, I don’t know what the next step would be. It was my understanding that using nodejs library, clientid-clientsecret, & managementClient utility it would handle refreshes on its own.

rueben.tiow · January 29, 2025, 11:28pm

Hi @gabriel.mojica,

According to the “Expired token received for JSON Web Token validation” error message, it’s indicating that the access token being used has expired.

I went ahead and checked your tenant logs and found numerous “successful exchange of Access Token for a Client Credentials Grant logs” (seccft) logs.

Additionally, I checked your API settings and found that you have the Token Lifetime set to 24 hours and the Token Lifetime for Browser-based Flows set to 2 hours. These settings look fine.

I suggest that you decode your access token to verify that you are using the newly issued access tokens after expiration. Then, ensure you issue a new access token if the previous token has expired. This way, you won’t go over the quota for issuing M2M tokens.

Let me know if you continue having issues.

Thanks,
Rueben

system · February 12, 2025, 11:28pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Expired token received for JSON Web Token validation Help management-api , users	2	285	May 15, 2024
Refresh Management API Token Help management-api , roles	4	881	December 14, 2023
Expired Management API Token with node-auth0 Help management-api , users	3	25	February 18, 2025
How to manage Management API Token? Help token , access_token	3	2091	August 1, 2023
Rotating an expired Management API Access Token Help auth0 , api , management-api , github , access-token	1	3352	November 19, 2020

New ManagementClient() refuses to refresh access token

Related topics