Should I use a Regular Web Application or a Machine To Machine app to communicate with Auth0 Management API?

As the title says, I have a NextJS webapp, and I’m trying to call the Auth0 Management API to get user roles.

The NextJS webapp is an Auth0 REGULAR WEB APPLICATION and I am able to get an Auth0 Management API token. Is there a best practice to this kind of use case?

Will be happy to provide more information

Hi @to.jontan,

Can I propose an alternate solution? You can add the roles to the ID/access token in a rule and save the extra requests :smile:

If that doesn’t cover it let me know,
Dan

Thanks Dan.

Is it also possible to pass the access token from the rule as well?
Currently it’s always empty {}

Pass it where? The access token isn’t issued until after rules are completed, since rules could change the claims of the token.

From our docs, about what context.accessToken is:

An object representing the options defined on the Access Token. You can use this object to add custom namespaced claims to the Access Token. context.accessToken.scope can be used to change the Access Token’s returned scopes. When provided, it is an array containing permissions in string format. Custom claims will be included in the Access Token after all rules have run.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.