Auth0 Management API Integration

This document describes the Auth0 Management API integration added to the API server.

Setup

The Management API client requires the following environment variables in .env.local:

AUTH0_DOMAIN=your-tenant.auth0.com
AUTH0_CLIENT_ID=your-client-id
AUTH0_CLIENT_SECRET=your-client-secret
AUTH0_AUDIENCE=your-api-audience

Endpoints

GET /api/users

Lists all users from your Auth0 tenant.

Query Parameters:

  • page (optional): Page number (default: 0)
  • per_page (optional): Number of users per page (default: 50)
  • include_totals (optional): Include total count (default: true)

Example Request:

GET /api/users?page=0&per_page=10&include_totals=true

Example Response:

{
  "success": true,
  "data": {
    "users": [
      {
        "user_id": "auth0|123456789",
        "email": "user@example.com",
        "name": "John Doe",
        "created_at": "2023-01-01T00:00:00.000Z",
        "updated_at": "2023-01-01T00:00:00.000Z"
      }
    ],
    "total": 1,
    "start": 0,
    "limit": 10,
    "length": 1
  }
}

GET /api/management/health

Health check endpoint to verify Management API connection.

Example Response:

{
  "success": true,
  "message": "Management API connection is healthy"
}

Authentication

All endpoints require a valid JWT token with the appropriate audience. The token should be included in the Authorization header:

Authorization: Bearer <your-jwt-token>

Error Handling

All endpoints return standardized error responses:

{
  "success": false,
  "error": "Error message description"
}

Scopes Required

The Management API client is configured with the following scopes:

  • read:users - Read user information
  • read:user_idp_tokens - Read user identity provider tokens

Adding New Endpoints

To add new Management API endpoints, follow this pattern:

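// checkJwt runs first, so the handler is only reached with a valid token.
app.get('/api/endpoint-name', checkJwt, async (req, res) => {
  try {
    // someMethod is a placeholder for the Management API call being exposed.
    const result = await management.someMethod(req.query);
    res.json({
      success: true,
      data: result
    });
  } catch (error) {
    // Log the full error server-side; the client gets the standardized error shape.
    console.error('Error:', error);
    res.status(500).json({
      success: false,
      error: error.message || 'Operation failed'
    });
  }
});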
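The pattern above hands req.query to the Management API client as-is and returns whatever comes back, and the client holds the read:user_idp_tokens scope, so a handler built on it can forward undocumented parameters and return more than the documented user fields. The following is an added example, not code from this project, of restricting GET /api/users to its three documented parameters and five documented response fields. The helper names and the per_page cap of 100 are assumptions.

```javascript
// Added example: hypothetical helpers, not part of this project's code.
const MAX_PER_PAGE = 100; // assumed upper bound chosen for this API server
const PUBLIC_USER_FIELDS = ['user_id', 'email', 'name', 'created_at', 'updated_at'];

// Parse a non-negative integer query value. Express-style parsers turn
// repeated or bracketed parameters into arrays/objects, so anything that
// is not a short digit string is rejected.
function toInt(value, fallback) {
  if (value === undefined) return fallback;
  if (typeof value !== 'string' || !/^\d{1,6}$/.test(value)) {
    throw new RangeError('invalid numeric query parameter');
  }
  return Number(value);
}

// Build the Management API arguments from the documented parameters only;
// every other key in the query string is ignored.
function buildUserListParams(query) {
  const totals = query.include_totals;
  if (totals !== undefined && totals !== 'true' && totals !== 'false') {
    throw new RangeError('include_totals must be true or false');
  }
  return {
    page: toInt(query.page, 0),
    per_page: Math.min(Math.max(toInt(query.per_page, 50), 1), MAX_PER_PAGE),
    include_totals: totals !== 'false',
  };
}

// Copy only the fields shown in the documented response, dropping anything
// else the tenant returns (for example the identities array).
function toPublicUser(user) {
  const out = {};
  for (const field of PUBLIC_USER_FIELDS) {
    if (Object.prototype.hasOwnProperty.call(user, field)) out[field] = user[field];
  }
  return out;
}

// Constructed sample input, not real data.
const sampleQuery = { page: '2', per_page: '5000', q: 'email:*', fields: 'identities' };
const sampleUser = {
  user_id: 'auth0|123456789',
  email: 'user@example.com',
  identities: [{ provider: 'google-oauth2', access_token: 'constructed-placeholder' }],
};
console.log(buildUserListParams(sampleQuery));
console.log(toPublicUser(sampleUser));
```

In a handler, a RangeError from buildUserListParams maps to a 400 response in the standardized error shape rather than the 500 used for upstream failures.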

Available Management API Methods

The management client provides access to various Auth0 resources:

  • management.users - User management
  • management.clients - Application management
  • management.connections - Database and social connections
  • management.rules - Rules management
  • management.actions - Actions management
  • management.organizations - Organizations management
  • And many more...

Refer to the Auth0 Management API documentation for complete details.