Actions for Resource Owner Password Flow

Feature: Actions for the Resource Owner Password Flow

Description: The ability to run actions on the “Resource Owner Password Flow”, in order to custom claims on access tokens

Use-case: I am setting up e2e testing as described in this blog post End-to-End Testing with Cypress and Auth0. I have some custom claims in a login action, which are not set when retrieving the the access token via the password flow for the test. If either the login actions ran as part of the password flow, or if there was another action type “password” (in addition to login and M2M) then this would be possible.

As an example, this is the cURL request I’m using to pull down the access token. (I’m using password-realm since I have a custom db set up):

curl --request POST   --url https://<redacted>/oauth/token   --header 'content-type: application/json'   --data '{"client_id":"<redacted>","client_secret":"<redacted>","audience":"https://<redacted>/api/v2/","grant_type":"","username":"<redacted>","password":"<redacted>","realm":"db-connection-name"}'

Hi @timtellos,

Thanks for the feature request. Make sure to click the “Vote” button!

Following up on this thread.
If we are currently unable to add custom claims to access tokens in the Resource Owner Password Flow - what options are left to developers when using a testing client such as Postman?
Prior to the deprecation of Rules - I could guarantee that this claims customization was always running.
This loss of functionality seems like a real oversight.
Looking for some insight / suggestions on how to proceed.