M2M Clients

Authentication for external services to access the API.

Get M2M client id for an organization

get

Retrieves the Auth0 M2M client ID associated with the current organization. This client ID is used for machine-to-machine authentication.

Authorizations

AuthorizationstringRequired

M2M authentication token

Responses

200Success

No content

401Error

403Error

get

/m2m/client-id

GET /m2m/client-id HTTP/1.1
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

No content

Get M2M client secret for an organization

get

Retrieves the Auth0 M2M client secret associated with the current organization. Use this secret along with the client ID to obtain an access token.

Authorizations

AuthorizationstringRequired

M2M authentication token

Responses

200Success

No content

401Error

403Error

get

/m2m/client-secret

GET /m2m/client-secret HTTP/1.1
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

No content

Get an access token using client credentials

post

Exchanges M2M client credentials (client ID and secret) for an access token. This token can be used to authenticate requests to the Public API endpoints. Requires Admin role.

Authorizations

AuthorizationstringRequired

M2M authentication token

Body

grant_typestring · enumRequired

OAuth 2.0 grant type

Default: client_credentialsPossible values:

client_idstringRequired

OAuth 2.0 client identifier

client_secretstringRequired

OAuth 2.0 client secret

Responses

200

Successfully obtained access token

application/json

access_tokenstringRequired

Auth0 M2M access token (JWT) used for authenticating requests to the Public API

Example:

eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

token_typestringRequired

Token type, typically "Bearer"

Example: Bearer

expires_innumberRequired

Token expiration time in seconds

Example: 86400

401Error

403Error

429

Too many requests

application/json

post

/m2m/token

POST /m2m/token HTTP/1.1
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 77

{
  "grant_type": "client_credentials",
  "client_id": "text",
  "client_secret": "text"
}

{
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  "token_type": "Bearer",
  "expires_in": 86400
}

Rotate client secret

post

Rotates the M2M client secret for the organization. The old secret will be invalidated and a new secret will be generated. Update your authentication systems with the new secret.

Authorizations

AuthorizationstringRequired

M2M authentication token

Responses

200Success

No content

401Error

403Error

post

/m2m/rotate

POST /m2m/rotate HTTP/1.1
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

No content

PreviousInsight Images NextModels

Last updated 7 days ago

hashtagGet M2M client id for an organization

hashtagGet M2M client secret for an organization

hashtagGet an access token using client credentials

hashtagRotate client secret

Get M2M client id for an organization

Get M2M client secret for an organization

Get an access token using client credentials

Rotate client secret