Create and Authorize a Machine-to-Machine Application
The first time you get a token for the Management API is when you complete the configuration in the Auth0 Dashboard. You won't have to do this again unless you create a new tenant. We recommend that you create a token exclusively for authorizing access to the Management API instead of reusing another one you might have.
To create and authorize a Machine-to-Machine Application for the Management API:
- Go to the API Explorer tab of your Auth0 Management API.
- Click the Create & Authorize a Test Application button. A new application is created and authorized to access the Management API.
The application created in the steps above has been granted all the Management API scopes. This means that it can access all endpoints.
How can I find out which scopes/permissions are required?
Each machine-to-machine application that accesses an API must be granted a set of scopes. Scopes are permissions that should be granted by the owner. Each Auth0 Management API v2 endpoint requires specific scopes. To see the required scopes/permissions for each endpoint, go to the Management API Explorer and find the endpoint you want to call. Each endpoint has a section called Scopes listing all the scopes that the endpoint requires.
Example: Get All Clients Endpoint
The Get all clients endpoint requires the scopes read:client_keys, while the Create an application endpoint requires the scope create:clients. From that we can deduce that if we need to read and create applications, then our token should include three scopes:
If you have multiple applications that should access the Management API, and you need different sets of scopes per app, we recommend creating a new machine-to-machine application for each one. For example, if one application is to read and create users (read:users) and another to read and create applications (read:clients), create two applications (one for user scopes, one for applications) instead of one.
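To check that an application's token carries only the scopes its endpoints need, you can compare the token's scope claim against the Scopes sections in the Management API Explorer. The following is an added example, not Auth0's own code: the REQUIRED_SCOPES map, the helper names and the sample token are constructed for illustration, and it assumes the access token is a JWT whose scope claim is a space-separated string.

```python
import base64
import json

# Assumed sample map: endpoint name -> scopes listed in its "Scopes" section of
# the Management API Explorer. Confirm each entry there before relying on it.
REQUIRED_SCOPES = {
    "Get all clients": {"read:clients", "read:client_keys"},
    "Create an application": {"create:clients"},
}


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def token_scopes(jwt: str) -> set:
    """Return the scopes in a JWT's `scope` claim (space-separated string).

    The signature is NOT verified: this is for auditing a token you issued
    yourself, not for making authorization decisions.
    """
    payload_b64 = jwt.split(".")[1]
    padded = payload_b64 + "=" * (-len(payload_b64) % 4)
    claims = json.loads(base64.urlsafe_b64decode(padded))
    return set(claims.get("scope", "").split())


def audit(jwt: str, endpoints: list) -> dict:
    """Compare granted scopes with what the listed endpoints need."""
    needed = set().union(*(REQUIRED_SCOPES[e] for e in endpoints))
    granted = token_scopes(jwt)
    return {"missing": sorted(needed - granted), "excess": sorted(granted - needed)}


def make_sample_token(scope: str) -> str:
    """Build a constructed, unsigned sample token for the demo below."""
    header = _b64url(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps({"scope": scope}).encode())
    return f"{header}.{payload}.constructed-signature"


if __name__ == "__main__":
    # Constructed token that carries more than an app managing clients needs.
    sample = make_sample_token("read:clients create:clients read:users create:users")
    print(audit(sample, ["Get all clients", "Create an application"]))
```

A non-empty excess list is the signal to move those scopes to a separate machine-to-machine application, as recommended above.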