Refresh API Management Token on NodeJS

Hello guys, I am looking for a way to programmatically refresh/renew my token on the backend. I have the following situation:
When a user is created on the backend of my platform, I call the API Management of Auth0 to create the user as well on my Auth0 account. So far, I was using an API Management Token that I copied and pasted from my app, directly from the Auth0 dashboard, but it expires after maximum 30 days. So I need a way to renew it.
I followed this tutorial https://auth0.com/docs/api/management/v2/get-access-tokens-for-production but what I get seems to be more like an access token (rather than an API Management token, which is longer), and if I try to authenticate against the /api/v2/users I get a “wrong token” error.

This is my code so far:

const options = {
method: ‘POST’,
url: https://${process.env.AUTH0_DOMAIN}/oauth/token,
headers: { ‘content-type’: ‘application/x-www-form-urlencoded’ },
form: {
grant_type: ‘client_credentials’,
client_id: process.env.AUTH0_CLIENT_ID,
client_secret: process.env.AUTH0_CLIENT_SECRET,
audience: https://${process.env.AUTH0_DOMAIN}/api/v2/,
},
};
let newToken;
await request(options, (error, response, body) => {
if (error) throw new Error(error);

console.log(’**********’);
newToken = JSON.parse(body).access_token;
console.log(newToken); // Prints what seems to be an access token
});

Then, when I try to use it:

const auth0CallOptions = {
url: ‘https://MY_DOMAIN/api/v2/users’,
method: ‘POST’,
auth: {
bearer: newToken,
},
form: {
email: Email,
user_metadata: {
phone_number: Phone,
username: UserName,
}, …

It prints an error “Invalid token”. I made sure about sending the token that I got on the first call, even by copying and pasting it.

Hi @hugo.delacruz,

There is pre-built code to request a management API token if you navigate to your Auth0 Dashboard > APIs > Auth0 Management API > Test > Node.js.

Let me know if this works for you.

Thanks,
Dan

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.