TCPWrapper error during axios inside Auth0 post login action

I am trying to make a call to an inhouse API in order to embed data into JWTs that are issued from Auth0. However, I keep getting this error (courtesy of RealTime web task):

Error: connect ECONNREFUSED
at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1133:16)
at TCPConnectWrap.callbackTrampoline (node:internal/async_hooks:130:17) {
errno: -111,
syscall: 'connect',
address: '',
port: 443,
config: {
adapter: [Function: httpAdapter],
transformRequest: { '0': [Function: transformRequest] },
transformResponse: { '0': [Function: transformResponse] },
headers: {
Accept: 'application/json, text/plain, */*',
'Content-Type': 'application/x-www-form-urlencoded',
'User-Agent': 'axios/0.15.2',
'Content-Length': 218
timeout: 0,
xsrfCookieName: 'XSRF-TOKEN',
xsrfHeaderName: 'X-XSRF-TOKEN',
maxContentLength: -1,
validateStatus: [Function: validateStatus],
method: 'POST',
url: 'https:/',
data: '{"grant_type":"client_credentials","client_id":"xxx","client_secret":"xxx","audience":"xxx"}'
response: undefined

I can confirm that the url that gets hit is indeed the url for our Skynamo instance. Below is the code snippet that gave rise to the error.

const path = require("path");
 * Handler that will be called during the execution of a PostLogin flow.
 * @param {Event} event - Details about the user and the context in which they are logging in.
 * @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
exports.onExecutePostLogin = async (event, api) => {
  const axios = require("axios");
  // the base URL for the licensing server. This should be
  // replaced with the production url
  const auth0 = `https://${}`;
  const url = path.join(auth0, "oauth/token");
  const audience = path.join(auth0, "api/v2/");
  const options = {
    method: "POST",
    url: url,
    headers: { "content-type": "application/x-www-form-urlencoded" },
    data: {
      grant_type: "client_credentials",
      client_id: "xxx",
      client_secret: "xxx",
      audience: audience,

  let data = null;
  try {
    data = (await axios.request(options)).data;
  } catch (err) {
    console.error(`Could not post to '${url}': ${err}`);

  if (data === null) {
    console.warn(`No data was found in request to '${url}`);

  const token = data["access_token"];
  if (typeof token === "undefined") {
    console.error(`token could not be found from data response: ${data}`);

 * Handler that will be invoked when this action is resuming after an external redirect. If your
 * onExecutePostLogin function does not perform a redirect, this function can be safely ignored.
 * @param {Event} event - Details about the user and the context in which they are logging in.
 * @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
// exports.onContinuePostLogin = async (event, api) => {
// };

Hi @jasonkofogeorge,

Welcome to the Auth0 Community!

From looking at the code snippets that you shared, it seems that you are trying to get a Management API Access Token in a Post Login Action.

After testing, I have managed to get the Management API to work in Actions with the following snippet:

exports.onExecutePostLogin = async (event, api) => {
  var axios = require("axios").default;
  var options = {
    method: 'POST',
    url: '',
    headers: {'content-type': 'application/json'},
    data: {
      grant_type: 'client_credentials',
      client_id: 'YOUR_CLIENT_ID',
      client_secret: 'YOUR_CLIENT_SECRET',
      audience: ''
  axios.request(options).then(function (response) {
    console.log("access token: ",;
  }).catch(function (error) {

I recommend that you give this a try and then append your custom error handling logic on top of this example.

Alternatively, you could follow this How can I use the Management API in Actions? FAQ which describes how to use the Management API with the Management Client.

Hoped this helps!

Please let me know if there are any other questions. I’d be glad to help.

Thank you.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.