After few years using Auth0, I am considering moving to a paid plan. The problem is that my backend API is making sporadic access to management API and, if I understand correctly, this is considered “machine to machine”. My current active users usage would be between 3000 and 5000, and the “developer” plan would accomodate it for 60$ per month. We can afford it. But we need machine to machine for accessing management API, even if we just make a few calls per month and this means moving to a plan costing 700$ per month. This is way crazy… We don’t really need the additional features, we just need to make some calls to the management API. Notice that enabling machine to machine in the developer pro plan just costs 15$ more. Why I can’t simply have a 75$ plan on the basic developers? Aren’t API calls just the same?
Am I missing anything? Considerations?
Thanks a lot. I am really enjoing Auth0 and I’d really like to continue using it.
Hi @bragma.
Tokens issued for the Management API v2 don’t count into the total for issued tokens in machine-to-machine scenarios, so you are good on that front.
In any case, you might consider caching the token obtain for its duration. Machine-to-machine flows are considered safer in general so you can use longer expiration times, so your application would request only a handful of tokens a day.
Hi @nicolas_sabena, thanks for taking time answering me. So, can I safely assume that switching to “developer” (not pro) plan:
-
I can continue to use the management API?
-
I can somehow use a long lasting token and/or generate new tokens?
-
Should this require to create a machine-to-machine API connection, can I do it with the developer plan?
Pardon me if I reiterate but it is very important we can continue to access management API with the affordable developer plan.
Thanks!
Yes.
I can somehow use a long lasting token and/or generate new tokens?
Yes. The token duration for access tokens can be configured individually in the API section of the Dashboard. This is both for tokens issued for any custom APIs you define, and also for tokens for the Management API v2.
This comment I made was independent of the subscription level, and it was more of an optimization best practice: if the token you are given lasts 8 hours (or whatever is configured), there’s no point in throwing it away and asking for a new one before it expires. Your app will perform better if you cache the token obtained until it expires, because there will be less requests to Auth0.
Should this require to create a machine-to-machine API connection, can I do it with the developer plan?
Machine-to-Machine, when used for your own, custom APIs (not Management API v2) requires a Developer Pro subscription.
Hope that’s clear!
@nicolas_sabena thanks for your clear answer. Please let me suggest to improve documentation and in particular your pricing page because i found it to be confusing. I.e. the pricing page does not have any exception for the management api and the management api documentation requires me to create one, so…
In any case, thanks a lot!
Just passed the feedback to the team
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.