Auth0 Home Blog Docs

Unauthorized, Bad audience for management api




My login method is following:

import auth0 from ‘auth0-js’;

const webAuth = new auth0.Authentication({
domain: ‘’,
clientID: ‘xxx’,
responseType: ‘token id_token’,
redirectUri: ‘http://localhost:3000/callback’,
audience: ‘http://localhost:3000

await webAuth.login({
username: this.formEmail,
password: this.formPassword,
realm: ‘Username-Password-Authentication’,
scope: ‘openid profile email app_metadata user_metadata update:users update:users_app_metadata’

I get a proper access_token.
I get: {“statusCode”:401,“error”:“Unauthorized”,“message”:“Bad audience: http://localhost:3000”}
when I call the management API with following.

const webAuth = new auth0.Management({
domain: ‘’,
token: localStorage.getItem(‘access_token’)

await webAuth.patchUserMetadata(userId, {
“name”: this.formName,
“nickname”: this.formNickname
}, (error, result) => {

There are no options to set audience on the Management API.


I see in your code you have set the audience in your authorization request to audience: ‘http://localhost:3000’. The audience parameter needs to be set to the target API, in this case of calling Auth0 management API you should use audience: 'https://your-auth0-domain/api/v2/˜' .

Please let me know if that helps.


I have already tried to set my authentication audience to that.
But then I can’t login, I get.

{"error":"invalid_request","error_description":"invalid audience specified for password grant exchange"}