I am not able to login with username and password. I don’t want to use lock. I have my own beautiful login page. It was working with oauth/ro
but not with oauth/token
with
{
"client_id": authSettings.clientId,
"username": loginData.email,
"password": loginData.password,
"connection": authSettings.connection,
"grant_type": "password",
"scope": "openid",
"audience": "https://someapi.com/api"
}
The /oauth/token
endpoint does not accept a connection
parameter. If you want to specify it as part of the request then you need to use a different grant type and use the realm
parameter. See the examples in the reference documentation. In addition, if you need a refresh token you need to include the offline_access
scope and the associated API needs to allow offline access.
Something like:
{
"client_id": authSettings.clientId,
"username": loginData.email,
"password": loginData.password,
"realm": authSettings.connection, // <--
"grant_type": "http://auth0.com/oauth/grant-type/password-realm", // <--
"scope": "openid offline_access",
"audience": "https://someapi.com/api"
}
1 Like
Hi @jmangelo , I’m using AuthenticationAPIClient
and try to include offline_access
scope, however don’t see any API to include it. Or, do we set it in Auth0 dashboard (but I don’t see any place mentions offline_access
)? Could you please help me. Thanks.
Assuming you refer to the Android client then if I recall correctly you can use the setScope
helper method to set the request scopes and offline access would be one of them.