So the Universal login and access tokens work great for authenticating calls to our APIs from a Single Page Application. But what’s the best approach for allowing users to authenticate their API calls when they programmatically call our API using their own code?
Example use case: a sensor data platform. Although the user can login to our SPA and plot the sensor data on a graph, they may wish to write their own code to query our API every hour for the latest reading from each of their sensors (eg using a cronjob). With API Keys this would have been a doddle, but what’s an elegant solution for achieving this with Auth0? Ideally the user would still call our API with an access token, so we can extract the given user’s scopes/permissions, but how do they programmatically keep their access token up to date?
Any advice would be very welcome. Thanks.