I have a React application and a Custom API. I’m using the Implicit Flow, as explained in the SPA Quickstart (Auth0 React SDK Quickstarts: Login) to get an access_token and then I use it to make requests to my API. So far, everything working as expected.
However, when I use this same token to the Auth0 Management API (for example, for editing the current user), I get an error 401, saying “Bad audience”.
Does this mean I cannot use the same token from my API to the Auth0 Management API? If not, how do I get a token so I can use for both APIs?
Welcome to the Auth0 Community!
Take a look at this FAQ. It has some resources explaining how to use multiple scopes to accomplish this goal. There is an example linked at the bottom of the Scopes doc if you would like to see how that works.
Otherwise you will want to get a management API access token.
You could also make the call from your backend API.
Let me know if this helps!
Thank you so much for your answer!
The fact is that I thought there was a way to use the same token I get from my API to make changes in the Auth0 Management API. Apparently, there is not; so I’ll need to implement the call from my backend.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.