SPA + Custom API + Management API

andrew.hammond · 2018-10-24 07:27:04 UTC

Hi there,

I have a react SPA and I would like to allow customers to sign up/sign in and be able to edit there user metadata. This is currently using the Auth0 Lock widget.

This application is part of a small microservices architecture and the API is managed separately. When a user logs in, I used to use the management api audience and that enabled them to edit their metadata via the client side. However, now that I am using the authorization extension combined with a custom API for access control on the server side - the management api requests now fail.

Can someone please advise?

somnaderi · 2018-11-15 06:36:20 UTC

Hi – did you ever figure this out?

I literally just posted this exact same issue a few hours ago and just found this. Only difference between our setups is I’m using universal login vs. the lock widget.

Is it possible to make changes through the /userinfo endpoint (since it’s one of the 2 audiences returned after authorization)?

Som