•   3 months ago

The token vault privileged access feature is not enabled for this tenant

{"statusCode":403,"error":"Forbidden","message":"The token vault privileged access feature is not enabled for this tenant.","errorCo why im getting thiis error when i try to make a request to the account management api to store my public key and one more thing. the whole token vault thing is very confusing to do setup .

  • 1 comment

  • Manager   •   3 months ago

    Hi Mahdy,

    This is something you can configure I believe. Try this:
    1) Ensure your Auth0 client application is a first-party, confidential client and is OIDC conformant. So no SPA or native/mobile app.
    2) If you haven't, go in the Auth0 Dashboard, navigate to the application's Advanced Settings > Grant Types and enable the Token Vault grant type.
    3) Configure either Private Key JWT or mutual TLS authentication for the client application.
    4) Set the public key for Token Vault privileged access when creating or configuring the client. This is used to verify the signed JWT.
    5) The application needs to create a signed JWT with a typ of token-vault-req+jwt in the header. The payload should include the sub (user ID), aud (tenant host), and iss (client ID).
    6) Your application should then hopefully be able to exchange this signed JWT for an access token for the external API.

Log in or sign up for Devpost to join the conversation.