This article addresses an issue where updating user_metadata using a custom API results in a Bad Audience error. Accessing the Management API endpoint directly also returns a 401 Unauthorized error.

• Auth0

• Management API

The endpoint being called is an Auth0 Management API v2 endpoint. This endpoint requires the token audience to be set to the Auth0 Management API endpoint and requires the update:current_user_metadata scope. The error occurs because the token is missing this required audience and scope.

To resolve this error, ensure the token request is configured correctly:

1. Set the token audience to the Auth0 Management API endpoint.

2. Include the update:current_user_metadata scope.

Required scopes for other endpoints are available in the Management API v2 documentation.

Related References

• APIs
• API Settings
• Add API Permissions
• Scopes