Update user (v2 api) 'Access-Control-Allow-Origin' header issue

I have put the domain into the Allowed Web Origins and Allowed Origins (CORS) boxes in the applications Auth0 settings. I also put the domain in the Access-Control-Allow-Origin header.



The Authorization header gets the token variable from an /oauth/token response’s access_token property
image

We don’t recommend calling the management API from the frontend, it opens up your Auth0 account to abuse.

Typically you would let your API or backend handle this type of transaction, or act as a proxy for your frontend.

1 Like

okay i’ve gone through steps to get a Management API v2 token response shown via link below but I’m just getting the same Access-Control-Allow-Origin error on that instead now:

Are you doing this from the front end? You should not do this from a client side application.

I have moved this over to an express server now, made some progress but now getting a 404 response from https://*********.eu.auth0.com/api/v2/${id}

(I will edit the below to ensure the api access_token doesn’t get sent to the front-end)

I get the Management API v2 token like this (seems to be working):

and then try and update the user using the access_token response I get from the above as well as the below:
image

this is just trying to update the nickname property but just get the below response:

1 Like

Awesome :+1:

It looks like you are missing the /users path in the URL you are calling.

We also have a node package you can use so you don’t have to hard code every request. :slight_smile:

P.S. We (and most forums) greatly prefer code in a codeblock over pictures of code :smile:

Thanks!

3 Likes

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.