Node-auth0 doesn't automatically obtain token for the management api

I’m struggling to access the management api from a backend service running in node.

I’m trying to access the Auth0 Management API in a tenant. In the same tenant, I have an m2m application that has authorized that API. This m2m tenant is the test m2m application that was automatically created for a SPA application in the same tenant.

On the Get Management API access tokens for production page, after showing how to manually get an access token with an HTTP call, it says:

“As an alternative to making HTTP calls, you can use the node-auth0 library to automatically obtain tokens for the Management API.”

To me, that sounds like the node-auth module will handle getting the token. Looking at it’s examples, it seems to show the same with an example to update a users metadata like this:

import { ManagementClient } from 'auth0';

const management = new ManagementClient({
  domain: '{YOUR_TENANT_AND REGION}.auth0.com',
  clientId: '{YOUR_CLIENT_ID}',
  clientSecret: '{YOUR_CLIENT_SECRET}',
});

await management.users.update({ id: '{user id}' }, { user_metadata: { foo: 'bar' } });

However when trying this example with the m2m application & management API as described I receive an Unauthorized response.

{"statusCode":401,"error":"Unauthorized","message":"Invalid token","attributes":{"error":"Invalid token"}}

It’s not clear if I have the m2m application misconfigured or if the node-auth0 documentation is wrong and I still need to manually request an access token before creating the ManagementClient. Or if it’s something else altogether.

Any suggestions?

Hello @mscafidimcguire welcome to the community!

I believe the only thing absent is the audience param in your ManagementClient configuration:

import { ManagementClient } from 'auth0';

const management = new ManagementClient({
  domain: '{YOUR_TENANT_AND REGION}.auth0.com',
  clientId: '{YOUR_CLIENT_ID}',
  clientSecret: '{YOUR_CLIENT_SECRET}',
  audience: '{YOUR_DOMAIN}/API/V2/'

});

await management.users.update({ id: '{user id}' }, { user_metadata: { foo: 'bar' } });

Here’s an example utilizing a React sample app.

Thanks, I think I found my issue. I didn’t have the M2M application scopes configured correctly nor was I including the required scopes in my request.

Thanks

Great! Glad you were able to get this sorted and thanks for following up here :slight_smile:

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.