User to be acted on does not match subject in bearer token error

lihua.zhang · August 15, 2022, 7:50pm

Problem Statement:

We created an M2M Application and a new API. In the API, we added the “current_user” scope. When requesting token for the M2M app, we received HTTP 403 responses error for user read requests.

com.auth0.exception.APIException: Request failed with status code 403: User to be acted on does not match the subject in bearer token.

Solution:

If any current_user scope is added to the API, the token will be treated as a non-M2M token and sub will be checked, so please omit current_user scopes when requesting the tokens for the M2M app.

Topic		Replies	Views
403 Forbidden: "User to be acted on does not match subject in bearer token" [.NET Core SDK] Help users , aspnet-core , auth0-spa-js	0	3494	July 4, 2020
Unowned resource when trying to access user management API Help	5	4109	August 27, 2019
403 Error when trying to create device credentials using management api Help api	0	3307	May 25, 2020
Patch user data/ Gain management access_token Help	2	2023	December 21, 2022
Get a User API documentation Help	2	3031	December 11, 2019

User to be acted on does not match subject in bearer token error

Problem Statement:

Solution:

Related Topics