Unable to make my token dynamic in my rule

sandT · February 16, 2023, 11:02pm

Hello, I created a machine to machine application which help me enable Auth0 management API. from that API a token was generated. Currently in my login rule, the token is hardcoded (copied and paste from the API explorer) but I would like it to be dynamic so the token can be read directly from the API explorer without me copying from there everyday (my token has a 24hrs expiration).
Any idea on how to resolve it?

function (user, context, callback) {
  var ManagementClient = require('auth0').ManagementClient;
  var management = new ManagementClient({
    token: "eyJhb.......",
    domain: auth0.domain
  });

here is how I currently refer to my token and do not want to have to update it daily

dan.woda · February 22, 2023, 2:03pm

Hi @sandT,

You can exchange client credentials for a fresh token. Do this by adding the client ID and secret as options in your management client instead of specifying the token directly.

There is an example on the first page of auth0-node docs: ManagementClient - Documentation.

sandT · February 22, 2023, 6:21pm

Thanks Dan it worked!

dan.woda · February 22, 2023, 7:11pm

No problem.

One thing I forgot to mention, keep in mind the Management API rate limits when working with the API in a rule. You will quickly run into the limits if you are calling the managment API on every auth request.

system · March 8, 2023, 7:11pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.