Receiving Invalid token when retrieving user metadata

Taco · August 17, 2018, 1:58pm

After creating a new tenant I receive an error when retrieving user meta_data. For an older tenant I have no problems receiving this information.

I receive the following error with the Swift Auth0 library:

Failed with unknown error ["attributes": { error = "Invalid token"; }, "statusCode": 401, "message": Invalid token, "error": Unauthorized]

This error occurs either for password or social login and no rules are implemented. Unfortunately, I was unable to observe any difference in settings between the tenants. Since it just works for the older tenant, I am wondering what settings might be underlying to the error above.

Carlos_Mostek · August 17, 2018, 4:43pm

Which endpoint are you using to fetch the user_metadata? Which token are you using to authorize the call?

In older tenants it was allowed to send the ID token to the Auth0 management API to fetch user metadata, if you are doing that, it is likely blocked (and should be blocked) in your new tenant. You should use /userinfo, augment your token in a rule (best option as that will remove the need for another API call altogether), pass the https://YOUR_TENANT.auth0.com/v2/api audience into authorize with the scope read:current_user_metadata and then use the access token to call the management API, or from your backend use client credentials to get a read:user scoped access token to call the management API.

Taco · August 20, 2018, 9:20am

With you suggestions I was able to get it working!

However, updating userinfo still does not work. What I wanted to do is to retrieve and update userinfo in a frontend client using the Authentication API. Previously, I just used the Auth0.swift library for this (requiring an idToken instead of an access token as you mentioned):

Auth0
    .users(token: idToken)
    .get(userId, fields: ["user_metadata"], include: true)
    .start { result in

With the older tenant this works, but with the newest it doesn’t. So, I removed the library and with your suggestions I was able to retrieve the userinfo both using the management API (with the explorer), and using the authentication API with a request to https://TENANT.auth0.com/userinfo and a rule to include user_medata.

Although I was able to update this information with management API, with the authentication API I receive a statuscode 404. See the curl command for example:

curl https://TENANT.eu.auth0.com/userinfo \
	-X PATCH \
	-H 'Content-Type: application/json' \
	-H 'Authorization: Bearer ABCD' \
	-d '{ "NAMESPACEuser_metadata" : { "name" : "NEWNAME" } }'

Would you be able to comment on this as well?

Taco · September 12, 2018, 2:43pm

Any idea how to update user_metadata by a http request? I would appreciate any hints of what might be wrong with the curl command above.

konrad.sopala · August 20, 2019, 10:03am

Hey there!

Sorry for such delay in response! We’re doing our best in providing the best developer support experience out there, but sometimes the number of incoming questions is just too big for our bandwidth. Sorry for such inconvenience!

Do you still require further assistance from us?

Topic		Replies	Views
Can't retrieve user metadata in Swift Help auth0 , management-api , user-metadata , swift , auth0swift	2	4688	July 25, 2019
I get 'invalid token' error Help jwt , auth0 , management-api	3	2009	April 8, 2022
Get Auth0 Management API invalid token error Help	7	7561	October 6, 2022
iOS update user metadata Help user-metadata , ios	3	4313	August 9, 2019
Using Management API from a Login of a SPA Help auth0 , api , login	3	2819	May 12, 2021

Receiving Invalid token when retrieving user metadata

Related Topics