Feature: Actions for the Resource Owner Password Flow
Description: The ability to run actions on the “Resource Owner Password Flow”, in order to custom claims on access tokens
Use-case: I am setting up e2e testing as described in this blog post End-to-End Testing with Cypress and Auth0. I have some custom claims in a login action, which are not set when retrieving the the access token via the password flow for the test. If either the login actions ran as part of the password flow, or if there was another action type “password” (in addition to login and M2M) then this would be possible.
As an example, this is the cURL request I’m using to pull down the access token. (I’m using password-realm
since I have a custom db set up):
curl --request POST --url https://<redacted>/oauth/token --header 'content-type: application/json' --data '{"client_id":"<redacted>","client_secret":"<redacted>","audience":"https://<redacted>/api/v2/","grant_type":"http://auth0.com/oauth/grant-type/password-realm","username":"<redacted>","password":"<redacted>","realm":"db-connection-name"}'