I am not able to login with username and password. I don’t want to use lock. I have my own beautiful login page. It was working with oauth/robut not with oauth/token with
{
"client_id": authSettings.clientId,
"username": loginData.email,
"password": loginData.password,
"connection": authSettings.connection,
"grant_type": "password",
"scope": "openid",
"audience": "https://someapi.com/api"
}
The /oauth/token endpoint does not accept a connection parameter. If you want to specify it as part of the request then you need to use a different grant type and use the realm parameter. See the examples in the reference documentation. In addition, if you need a refresh token you need to include the offline_access scope and the associated API needs to allow offline access.
Something like:
{
"client_id": authSettings.clientId,
"username": loginData.email,
"password": loginData.password,
"realm": authSettings.connection, // <--
"grant_type": "http://auth0.com/oauth/grant-type/password-realm", // <--
"scope": "openid offline_access",
"audience": "https://someapi.com/api"
}
Hi @jmangelo , I’m using AuthenticationAPIClient and try to include offline_access scope, however don’t see any API to include it. Or, do we set it in Auth0 dashboard (but I don’t see any place mentions offline_access)? Could you please help me. Thanks.
Assuming you refer to the Android client then if I recall correctly you can use the setScope helper method to set the request scopes and offline access would be one of them.