I’m sure I’m doing something simple wrong here but I can’t request a token for my M2M client no matter what I try. If I submit my POST request with raw JSON I get a 401 access denied. If I submit my params as application/x-www-form-urlencoded I get the following 403:
"error_description": "Grant type 'client_credentials ' not allowed for the client.",
These posts seem to be having a similar problem:
I have just started with Auth0, got through some videos read the docs and made an small local nodejs client app (localhost:3000) that could authenticate using the forms from Auth0.
Then i took a look howto protect an Api and how to access it from that client.
What i have so far:
NodeJs Client App on localhost 3000
NodeJs API on localhost 3001 - sample code from Auth0 doc that checks the jwt token
Created an Client called ExpressClient (set the urls; login with id-…
I'm trying to generate a token in a WebApi so I can call the ManagementApi to update a users's meta_data. I used code that previously worked for me and received the error:
"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client."
I understand the grant type of 'client_credentials' cannot be enabled for clients in the dashboard any longer and when I create the client I need to specify that the endpoint is secret so I added the following to…
Here’s some screenshots of my requests and client and API settings. What am I doing wrong here - any help much appreciated!
Requests (running from Postman to test):
Thanks for reaching out to the Auth0 Community!
I understand you’re encountering issues getting an access token when performing a client credentials grant flow.
After looking at your screenshots carefully, it seems that you have everything configured correctly for your API.
In this case, could you please go to your
and click on the Test tab. Auth0 Dashboard > Applications > APIs > YOUR_API
On there, select your M2M application from the drop down menu, click on cURL, copy that command and import it as raw text in Postman.
Once that is complete, you can request to get an access token for your API.
I have tested this and can confirm that it works without any changes.
Please let me know how this goes.
@rueben.tiow thanks for the reply and help.
I can confirm this works and my previous requests now work.
Are you able to explain what happened here and why it started working after importing this cURL request?
Thank you for your reply, and I’m glad that it works now!
It’s likely due to the content-type header in your initial request. I have encountered this issue before when the outgoing request had correct values but still returned an error.
Hoped this helps!
Please let me know if there’s anything else I can do to help.