Hello guys, I am looking for a way to programmatically refresh/renew my token on the backend. I have the following situation:
When a user is created on the backend of my platform, I call the API Management of Auth0 to create the user as well on my Auth0 account. So far, I was using an API Management Token that I copied and pasted from my app, directly from the Auth0 dashboard, but it expires after maximum 30 days. So I need a way to renew it.
I followed this tutorial Get Management API Access Tokens for Production but what I get seems to be more like an access token (rather than an API Management token, which is longer), and if I try to authenticate against the /api/v2/users I get a “wrong token” error.
This is my code so far:
const options = {
method: ‘POST’,
url:https://${process.env.AUTH0_DOMAIN}/oauth/token,
headers: { ‘content-type’: ‘application/x-www-form-urlencoded’ },
form: {
grant_type: ‘client_credentials’,
client_id: process.env.AUTH0_CLIENT_ID,
client_secret: process.env.AUTH0_CLIENT_SECRET,
audience:https://${process.env.AUTH0_DOMAIN}/api/v2/,
},
};
let newToken;
await request(options, (error, response, body) => {
if (error) throw new Error(error);console.log(‘**********’);
newToken = JSON.parse(body).access_token;
console.log(newToken); // Prints what seems to be an access token
});
Then, when I try to use it:
const auth0CallOptions = {
url: ‘https://MY_DOMAIN/api/v2/users’,
method: ‘POST’,
auth: {
bearer: newToken,
},
form: {
email: Email,
user_metadata: {
phone_number: Phone,
username: UserName,
}, …
It prints an error “Invalid token”. I made sure about sending the token that I got on the first call, even by copying and pasting it.