Updates to application permissions not taking effect

Hello! I have a machine-machine application that is connected to the Auth0 Management API. On that API I recently added the permissions for create/read/updated/delete:connections. However, making a call from this application to create connection errors with 403 Forbidden: Insufficient scope, expected any of: create:connections. I’ve waited over 24 hours now since making the change to the applications API permissions and still see this error. Am I missing a setting that enables machine-machine applications to create connections?

Hi @laura-brouckman,

Welcome to the Auth0 Community Forum!

Changes to those scopes should be instant. Can you post the code you are using to make the call, and DM me your tenant name and the name/id of the M2M app.

Let me know.

Thanks,
Dan

It actually just seems to have taken effect (after the change yesterday morning). We are using this sdk GitHub - go-auth0/auth0: ARCHIVED Go SDK for the Auth0 platform. This project is now being maintained at: https://github.com/auth0/go-auth0 so the code is something like

auth0MgmtClient, err := management.New(*auth0Domain, *auth0ClientId, auth0ClientSecret)
....
s.auth0MgmtClient.Connection.Create(connection)

since it does seem to work now, it could be something specific to either the sdk we’re using or the way our app is set up

Let me know if you experience this again, we can dive in deeper at that point.

Thanks!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.