Oauth/token request access_denied


I know this question has been posted previously, but I’ve been unable to figure it out based on the previous solutions.

I have a trial account I’m using to create a proof-of-concept for a project. I can make the API call that I need to (creating a user) when hardcoding the token. However, I need to determine how to access the token using the oauth/token call going forward.

I’m following the code examples and I keep getting a 401 access_denied whether I do it from my code or a Postman request.

Application type: Regular Web Application
Token Endpoint Authentication Method: POST
Grant Type “Client Credentials” is checked

Using C# to make the request:
request.AddHeader(“content-type”, “application/x-www-form-urlencoded”);
request.AddParameter(“application/x-www-form-urlencoded”, “grant_type=client_credentials&client_id=CLIENT_ID&client_secret=CLIENT_SECRET&audience=AUDIENCE”, ParameterType.RequestBody);

^^ That is the sample code from the " Get Management API Access Tokens for Production" documentation.

I also tried it with the content-type “application/json”.

Postman example:


What in the heck am I missing? Does this not work because this is a development API and not a production API?

~ Baffled in Brooklyn

Hi @coachadnyc,

Welcome to the Auth0 Community!

In your request, you must use the application/json content-type header.

Navigate to your Auth0 Dashboard > Applications > APIs > Auth0 Management API and click on the Test Tab.

On there, click the drop-down menu for your Regular Web App, and copy the code snippet for C#. See below.

This should be the quickest way to get the correct working code snippet for getting Management API Access tokens for Production. I have tested this and can confirm that it works.

Please let me know how this goes for you.

Thank you.

1 Like

Thank you, I appreciate your response.

I did try what you suggested prior to submitting this post and unfortunately it didn’t work. I tried again for good measure.

This is my code (I’m using RestSharp)

var client = new RestClient(“https://DOMAIN”);

  •            var request = new RestRequest("oauth/token");*
  •            request.AddHeader("content-type", "application/json");*
  •            request.AddParameter("application/json", "{\"client_id\":\"CLIENTID\",\"client_secret\":\"CLIENTSECRET\",\"audience\":\"AUDIENCE\",\"grant_type\":\"client_credentials\"}", ParameterType.RequestBody);*
  •            var response = await client.PostAsync(request);*

Is it not working as expected because my tenant is still in the “Development” environment?

Thank you.

Hi @coachadnyc,

Thank you for your reply.

The Development Environment has no effect in this scenario. Generally, the 401 Unauthorized error indicates that the requesting application does not have the required permissions, the wrong content-type header, or that data passed in the client_id or client_secret values are incorrect.

In this case, I recommend double-checking the data passed in the request and ensuring that your Regular Web Application has been granted the permissions to access the Management API.

You can update the permissions by going to your Dashboard > Applications > APIs > Management API > Machine to Machine Applications and expand the permissions for your Regular Web Application and select all the necessary permissions. Don’t forget to save your changes.

Once that is complete, could you please retry and see how that goes for you?

And if you continue to encounter errors, could you share the complete error message and description, and DM me your tenant name?

Thank you.