I’m trying to use the Management API to get list of users for the specific application.
Several applications under one tenant - each of them has its own Database connection.
To talk to Management API - I’m using the specific app settings (client id, client secret) to obtain the Bearer token. Then I’m calling the /api/v2/users endpoint with that token. Unfortunately, the results I get back are all the users for the tenant (means include all users from all applications).
What I’m really after would be only the subset of the users (but in general data from other endpoints as well) that would be related only for that specific app used to get the token.
I’m building a custom “admin” section of my app that should allow for user management inside my app (list/add/update/delete/change password). That app is deployed for several customers and uses auth0 app/db connection for each customer.
Is there any way how to achieve this?
Btw. specifying the query string parameter is a no go from security point of view.