Why You Should Always Use Access Tokens to Secure APIs
Access Tokens for the Management API
To call the Auth0 Management API v2 endpoints, you need to authenticate with a token called the Auth0 Management API Token. This token is a JSON Web Token (JWT)JSON Web Token (JWT) and it contains specific granted permissions (known as scopesscopes).
To call an endpoint for test purposes, you can get a token manually using the Dashboard. For production however, the recommended best practice is to get short-lived tokens programmatically.
To call endpoints, you will need to do the following:
- Create and Authorize a Machine-to-Machine Application
- Get Access Tokens for Testing
- Get Access Tokens for Production