Unable to use /api/v2/users-by-email API call with valid Device Authorization flow bearer token

I’ve managed to successfully get a scope=openid,offline_access,read:users,read:users_app_metadata device flow bearer token with audience=https://pearl-dev.us.auth0.com/api/v2/.

However, making a simple call to m/api/v2/users-by-email is failing with
{"statusCode":401,"error":"Unauthorized","message":"Invalid token","attributes":{"error":"Invalid token"}}

I’ve also tried doing a general-purpose /api/v2/users?q= API call and that fails also … so I’m struggling to understand whether this Device Auth flow actually renders Bearer tokens that can make any API calls to the Auth0 Management API at all.

Any help is appreciated.

Hi @gerald.talton,

Welcome to the Auth0 Community!

I understand that you encountered issues when requesting the Management API Search users by Email endpoint.

First, could you please check if the access token has the correct claims when decoded using jwt.io?

And could you please make sure that your application is authorized to call the Management API by checking the Management API settings?

To do so, please navigate to your Auth0 Dashboard > Applications > APIs > Auth0 Management API > Machine to Machine Applications. There, make sure that your application is authorized, then expand the permissions and select all the required scopes.

Once that is complete, you can get an access token to call the Management API Search users by Email endpoint.

Lastly, you may find our Get Management API Access Tokens for Production documentation useful.

Please let me know how this goes for you.

Thank you.

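The claim check suggested in the reply above can also be done locally, without pasting the token into a website. This is an added example, not part of the original thread or Auth0's own code: the audience is copied from the question, while `inspect_token`, `make_sample` and the `read:users` requirement are assumptions, and the sample token is constructed.

```python
import base64
import json
import time

# Audience copied from the question; required_scope below is an assumption
# taken from the scopes the poster requested.
MGMT_AUDIENCE = "https://pearl-dev.us.auth0.com/api/v2/"


def b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into a Python object."""
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))


def inspect_token(token, audience=MGMT_AUDIENCE, required_scope="read:users", now=None):
    """List problems in the token's claims. Inspection only: no signature check."""
    parts = token.split(".")
    if len(parts) != 3:
        return ["not a three-part JWT (opaque or encrypted token)"]
    try:
        claims = b64url_json(parts[1])
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return ["payload is not base64url-encoded JSON"]
    if not isinstance(claims, dict):
        return ["payload is not a JSON object"]
    problems = []
    aud = claims.get("aud") or []
    aud = [aud] if isinstance(aud, str) else aud  # aud may be a string or a list
    if audience not in aud:
        problems.append(f"aud {aud} does not include {audience}")
    if required_scope not in str(claims.get("scope", "")).split():
        problems.append(f"scope is missing {required_scope}")
    now = time.time() if now is None else now
    if claims.get("exp", 0) <= now:
        problems.append("token is expired or has no exp claim")
    return problems


def make_sample(claims):
    """Build an unsigned, constructed sample token (not a real Auth0 token)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    header = enc({"alg": "RS256", "typ": "JWT"})
    return f"{header}.{enc(claims)}.constructed"


if __name__ == "__main__":
    far_future = 4102444800  # 2100-01-01, constructed expiry
    token = make_sample({"aud": [MGMT_AUDIENCE], "scope": "openid offline_access", "exp": far_future})
    print(inspect_token(token))
```

An empty list means the audience, scope and expiry claims look right; it says nothing about the signature, which the API still verifies.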