Auth0 Home Blog Docs

read:logs Scope Not Issued When Retrieving access_token for Management APIv2

management-api
scopes
access_token

#1

I am currently using the method described here (Python) using the Non Interactive Client Id and Secret and am retrieving an access_token that I can use on the Management APIv2 endpoints … except I cannot access logs because the scope read:logs is not granted with the response from ‘{Auth0_Domain}/v2/oauth/token’.

  1. How do I get different scopes per access_token?
  2. Can I get different scopes without having access to the API Explorer tab of the Auth0 Management API located in the Dashboard? - I am not the owner of the Management API for the tenant

The documentation (link above) says “Note, that each Non Interactive Client that accesses an API, has to be granted a set of scopes. This client that we just created has been granted all the APIv2 scopes. This means that it can access all the endpoints.” If I cannot receive scope=read:logs, does that mean the owner of the Management API has prohibited the Non Interactive Client (me - I am testing by doing a simple curl using the Id and Secret for the client) from doing so?

Many Thanks!


#2

As it turned out, the client ID and secret that I was given was for a client that did not have access to the Management API. After getting the correct ID and secret for the API Explorer Client, I was able to get all of the necessary scopes including read:logs.


#3