User's scope for deleting machine token

Hi, one of the features we are utilizing from Auth0 is Devices (found in the User Details page). Some of our users are experiencing difficulties while attempting to revoke those device tokens. The error message from the Auth0 response is:

Deleting machine token ID failed with Request to /api/v2/device-credentials/ID was made without sufficient privileges. Error text: Auth0 Error Details: error=Forbidden, message=Insufficient scope, expected any of: delete:device_credentials,delete:current_user_device_credentials, error_code=None"

Removing some tokens is easy, and requests should be the same for both groups.
Is there any way to identify what’s wrong with a user’s privileges to delete a token created by that user?

Thank you for any hint,
Vaclav

Hi and welcome to Auth0 @vaclav.ehrlich !

To call the Management API endpoint: /api/v2/device-credentials/ID you would need to use a Management API access token with respective scopes.

You can ensure the needed privileges by going to your Auth0 tenant → APIs → Management API → MachineToMachine Applications → and unfold one of them → select the respective scopes.

Later, you can request a Management API token for the unfolded app using the client credentials flow.

The received access token should now have the relevant scopes to delete device credentials.

Please let us know if that worked for you!
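
One way to see why some requests are rejected, as an added example that is not part of the original posts: this Python sketch reads the `scope` claim of an access token and compares it with the scopes named in the error message quoted in the question. It assumes the access token is a JWT whose `scope` claim is a space-separated string; the function names and sample tokens are constructed for illustration, and the signature is not verified, so it is for diagnosis only.

```python
import base64
import json
import re

# Error text as quoted in the question above.
ERROR_TEXT = ("error=Forbidden, message=Insufficient scope, expected any of: "
              "delete:device_credentials,delete:current_user_device_credentials, "
              "error_code=None")


def expected_scopes(error_text):
    """Extract the 'expected any of' scope list from the 403 message."""
    match = re.search(r"expected any of:\s*([\w:,]+)", error_text)
    if not match:
        raise ValueError("no scope list found in error text")
    return {s for s in match.group(1).split(",") if s}


def jwt_claims(token):
    """Decode the JWT payload WITHOUT verifying the signature (inspection only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def check_token(token, error_text=ERROR_TEXT):
    """Return (allowed, matching_scopes); any one expected scope is enough."""
    # Assumption: 'scope' is a space-separated string claim.
    granted = set(jwt_claims(token).get("scope", "").split())
    matching = sorted(expected_scopes(error_text) & granted)
    return bool(matching), matching


def constructed_token(scope):
    """Build an unsigned sample token (constructed, not a real Auth0 token)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc({"scope": scope}), "sig"])


if __name__ == "__main__":
    for scope in ("read:users delete:device_credentials",
                  "read:users read:device_credentials"):
        print(scope, "->", check_token(constructed_token(scope)))
```

Running the same check on the token used by a failing request and on one used by a working request shows whether the difference is in the granted scopes.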
