Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to make a username password request with auth0 custom api, getting error "unsupported grant type: password" error

Tags:

auth0

I tried using the auth0 postman template to make an authentication request using username and password and I'm getting an unsupported grant type: password error. What am I doing wrong?

var client = new RestClient("https://test.auth0.com/oauth/token");
var request = new RestRequest(Method.POST);
request.AddHeader("postman-token", "abc");
request.AddHeader("cache-control", "no-cache");
request.AddHeader("content-type", "application/x-www-form-urlencoded");
request.AddParameter("application/x-www-form-urlencoded", "grant_type=password&client_id=foo&audience=&username=test&password=test&scope=openid%20email%20picture%20nickname", ParameterType.RequestBody);
like image 441
MonkeyBonkey Avatar asked Jan 13 '17 02:01

MonkeyBonkey


People also ask

What is OAuth password Grant?

The Password grant type is a way to exchange a user's credentials for an access token. Because the client application has to collect the user's password and send it to the authorization server, it is not recommended that this grant be used at all anymore.

Does Auth0 support OAuth?

Auth0 uses the OpenID Connect (OIDC) Protocol and OAuth 2.0 Authorization Framework to authenticate users and get their authorization to access protected resources.

What is authorization Auth0?

Authentication is the act of identifying a user or a device. Authorization is the act of allowing or denying users and devices access rights.


2 Answers

  1. Log into the Auth0 dashboard
  2. Go to account settings (top right under your username)
  3. On the general tab scroll down to the API Authorization Settings section
  4. Default Audience would be your API identifier (if you have an API)
  5. Default Directory would be your connection such as database connection name

In your POST to oauth/token do not include audience (if you specified the default above).

Gotta love how Auth0 makes authentication easy and painfully hard at the same time.

Refer below screenshot as a reference. enter image description here

like image 91
The Muffin Man Avatar answered Sep 22 '22 19:09

The Muffin Man


Go to Default App > Settings >

In the bottom of settings, Click {Show Advanced Settings}

Select Grant Types Tab

Check the password which is unchecked by default

Post request to *//oauth/token and it works

enter image description here

like image 40
SIbghat Avatar answered Sep 25 '22 19:09

SIbghat