breaking: Remove the Management API support

EXAMPLES.md

@@ -2878,232 +2878,6 @@ params.put("screen_hint", "signup");
 ```
 </details>
 
-## Management API
-
-The client provides a few methods to interact with the [Users Management API](https://auth0.com/docs/api/management/v2/#!/Users).
-
-Create a new instance passing the account and an access token with the Management API audience and the right scope:
-
-```kotlin
-val users = UsersAPIClient(account, "api access token")
-```
-
-<details>
-  <summary>Using Java</summary>
-
-```java
-Auth0 account = Auth0.getInstance("client id", "domain");
-UsersAPIClient users = new UsersAPIClient(account, "api token");
-```
-</details>
-
-### Link users
-
-```kotlin
-users
-    .link("primary user id", "secondary user token")
-    .start(object: Callback<List<UserIdentity>, ManagementException> {
-
-        override fun onFailure(exception: ManagementException) { }
-
-        override fun onSuccess(identities: List<UserIdentity>) { }
-    })
-```
-
-<details>
-  <summary>Using coroutines</summary>
-
-```kotlin
-try {
-    val identities = users
-        .link("primary user id", "secondary user token")
-        .await()
-    println(identities)
-} catch (e: ManagementException) {
-    e.printStacktrace()
-}
-```
-</details>
-
-<details>
-  <summary>Using Java</summary>
-
-```java
-users
-    .link("primary user id", "secondary user token")
-    .start(new Callback<List<UserIdentity>, ManagementException>() {
-        @Override
-        public void onSuccess(List<UserIdentity> payload) {
-            //Got the updated identities! Accounts linked.
-        }
-
-        @Override
-        public void onFailure(@NonNull ManagementException error) {
-            //Error!
-        }
-    });
-```
-</details>
-
-### Unlink users
-
-```kotlin
-users
-    .unlink("primary user id", "secondary user id", "secondary provider")
-    .start(object: Callback<List<UserIdentity>, ManagementException> {
-
-        override fun onFailure(exception: ManagementException) { }
-
-        override fun onSuccess(identities: List<UserIdentity>) { }
-    })
-```
-
-<details>
-  <summary>Using coroutines</summary>
-
-```kotlin
-try {
-    val identities = users
-        .unlink("primary user id", "secondary user id", "secondary provider")
-        .await()
-    println(identities)
-} catch (e: ManagementException) {
-    e.printStacktrace()
-}
-```
-</details>
-
-<details>
-  <summary>Using Java</summary>
-
-```java
-users
-    .unlink("primary user id", "secondary user id", "secondary provider")
-    .start(new Callback<List<UserIdentity>, ManagementException>() {
-        @Override
-        public void onSuccess(List<UserIdentity> payload) {
-            //Got the updated identities! Accounts linked.
-        }
-
-        @Override
-        public void onFailure(@NonNull ManagementException error) {
-            //Error!
-        }
-    });
-```
-</details>
-
-### Get User Profile
-
-```kotlin
-users
-    .getProfile("user id")
-    .start(object: Callback<UserProfile, ManagementException> {
-
-        override fun onFailure(exception: ManagementException) { }
-
-        override fun onSuccess(identities: UserProfile) { }
-    })
-```
-
-<details>
-  <summary>Using coroutines</summary>
-
-```kotlin
-try {
-    val user = users
-        .getProfile("user id")
-        .await()
-    println(user)
-} catch (e: ManagementException) {
-    e.printStacktrace()
-}
-```
-</details>
-
-<details>
-  <summary>Using Java</summary>
-
-```java
-users
-    .getProfile("user id")
-    .start(new Callback<UserProfile, ManagementException>() {
-        @Override
-        public void onSuccess(@Nullable UserProfile payload) {
-            //Profile received
-        }
-
-        @Override
-        public void onFailure(@NonNull ManagementException error) {
-            //Error!
-        }
-    });
-```
-</details>
-
-### Update User Metadata
-
-```kotlin
-val metadata = mapOf(
-    "name" to listOf("My", "Name", "Is"),
-    "phoneNumber" to "1234567890"
-)
-
-users
-    .updateMetadata("user id", metadata)
-    .start(object: Callback<UserProfile, ManagementException> {
-
-        override fun onFailure(exception: ManagementException) { }
-
-        override fun onSuccess(identities: UserProfile) { }
-    })
-```
-
-<details>
-  <summary>Using coroutines</summary>
-
-```kotlin
-val metadata = mapOf(
-    "name" to listOf("My", "Name", "Is"),
-    "phoneNumber" to "1234567890"
-)
-
-try {
-    val user = users
-        .updateMetadata("user id", metadata)
-        .await()
-    println(user)
-} catch (e: ManagementException) {
-    e.printStacktrace()
-}
-```
-</details>
-
-<details>
-  <summary>Using Java</summary>
-
-```java
-Map<String, Object> metadata = new HashMap<>();
-metadata.put("name", Arrays.asList("My", "Name", "Is"));
-metadata.put("phoneNumber", "1234567890");
-
-users
-    .updateMetadata("user id", metadata)
-    .start(new Callback<UserProfile, ManagementException>() {
-        @Override
-        public void onSuccess(@Nullable UserProfile payload) {
-            //User Metadata updated
-        }
-
-        @Override
-        public void onFailure(@NonNull ManagementException error) {
-            //Error!
-        }
-    });
-```
-</details>
-
-> In all the cases, the `user ID` parameter is the unique identifier of the auth0 account instance. i.e. in `google-oauth2|123456789` it would be the part after the '|' pipe: `123456789`.
 
 ## Token Validation
 The ID token received as part of the authentication flow is should be verified following the [OpenID Connect specification](https://openid.net/specs/openid-connect-core-1_0.html).

V4_MIGRATION_GUIDE.md

@@ -96,6 +96,20 @@ buildscript {
     - [signupWithPasskey()](auth0/src/main/java/com/auth0/android/authentication/AuthenticationAPIClient.kt#L319-L344) -
       Sign up a user and returns a challenge for key generation
 
+- The Management API support has been removed. This includes the `UsersAPIClient` class, `ManagementException`, and `ManagementCallback`.
+
+  > **Note:** This only impacts you if your app used the Management API client (`UsersAPIClient`). 
+
+  **Impact:** Any code that references `UsersAPIClient`, `ManagementException`, or `ManagementCallback` will no longer compile.
+
+  **Migration:** Instead of calling the Management API directly from your mobile app, expose dedicated endpoints in your own backend that perform the required operations, and call those from the app using the access token you already have.
+
+  For example, if you were reading or updating user metadata:
+
+  1. Create a backend endpoint (e.g. `PATCH /me/metadata`) that accepts the operation your app needs.
+  2. Call that endpoint from your app, passing the user's access token as a `Bearer` token in the `Authorization` header.
+  3. On your backend, obtain a machine-to-machine token via the Client Credentials flow and use it to call the Management API with the precise scopes required.
+
 ### DPoP Configuration Moved to Builder
 
 The `useDPoP(context: Context)` method has been moved from the `WebAuthProvider` object to the login