Authorize Machine-to-Machine Applications for Management API

The first time you get a token for the Management API is when you complete the configuration in the Auth0 Dashboard. You won't have to do this again unless you create a new tenant. We recommend that you create a token exclusively for authorizing access to the Management API instead of reusing another one you might have.

  1. Go to Dashboard > Applications > APIs and select Auth0 Management API.

  2. Select the API Explorer tab.

  3. Click Create & Authorize a Test Application. A new application has been created and is authorized to access the Management API.

Dashboard Applications APIs Auth0 Management API Explorer Tab Authorize and Test

The application created in the steps above has been granted all the Management API scopes. This means that it can access all endpoints.

How can I find out which scopes/permissions are required for the Management API?

Each machine-to-machine application that accesses an API must be granted a set of Scopes. Scopes are permissions that should be granted by the owner. Each Auth0 Management API v2 endpoint requires specific scopes. To see the required scopes/permissions for each endpoint, go to the Management API Explorer and find the endpoint you want to call. Each endpoint has a section called Scopes listing all the scopes that the endpoint accepts.

Example: Get All Connections endpoint

The Get All Connections endpoint accepts the read:connections scope while the Create a Connection endpoint accepts the write:connections scope. Our machine-to-machine token should only need the read:connections scope in order to access data from that endpoint.

If you have multiple applications that should access the Management API, then you should create separate machine-to-machine applications for each application in Auth0 instead of just a single machine-to-machine application.

Learn more