SPA+API+User Profiles - Confused

Hello all,

I’m trying to figure out how to load user profile data from a Node API. The request comes from an SPA (react) which uses Auth0 to authenticate users, passes along the bearer token to an API that uses that verifies that token and returns some data. The thing is, I need the API to load user profile data from Auth0 somehow. I thought I’d get some sort of obvious identifier in the bearer token sent by the SPA but I don’t see it. Then, when I try to use that token to fire off a call to the Auth0 server from said API, I get an Unauthorized response. Does anyone know of any sample code to get this done? The Auth0 docs (which are normally very easy and complete) have got me confused and nothing I’ve tried has worked.

Thank you for your help!

1 Like

You’ll want your Node API to talk to the Auth0 Management API. You can’t do that with the token provided to the user, as the Management API is used to do all sorts of things like create, update and delete users, connections and applications.

Auth0 has a great library ready to go for Node.js:

If you need to identity the user that’s sending the access token to your API, you can use sub. This is the user ID, so you can take that sub straight from the access token to your Management API call. For everything there is to know about access tokens, check out:

1 Like