3rd party access from frontend


We’ve built an API that uses auth0 for authentication. So far the consumers of the the API are agencies working with our clients and so far they’ve had backend structures where they could generate access tokens using Machine to Machine application and client id and secret.

We’ve now got a 3rd party who wants to access the API directly from frontend, specifically from Sharepoint. We’re not sure how to address this using Auth0. Until now we’ve been unaware that they wanted to do it from frontend, so we’ve created a machine to machine application access for them, but that very quickly used our entire quota tokens.

I’ve only been able to find examples of this where users authenticate, which isn’t applicable to us. Only thing we’ve come up with so far is to create a SPA application and have 1 user, which is the frontend user, but this doesn’t feel right either.

If there’s any similar topics or documents I’ve missed, please just send me in that direction :slight_smile:

Hi there @ah1 and welcome to the Auth0 Community!

I apologize for the delay in response. Do you have an idea on the activity they will send your way to manage quota impact? Can you DM me your tenant name so I can take a closer look at your account when you get a chance? It may be that time where you would want to level up your current subscription tier but before doing that I would like to find out more details about the circumstances. Thanks in advance!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.