API Only Authentication

rmberg · April 26, 2019, 7:19pm

Hello,

I’m having a hard time finding an example in the documentation of how I can implement an API only login flow using Auth0 (specifically not requiring a browser or redirect url). For example, I would like to provide my own ‘/api/login’ endpoint to a client. The server side implementation of this endpoint would then use the Auth0 SDK to verify the username/password and get a JWT that I can then return to the client as a response for use in subsequent calls to other endpoints. This way the client has no specific knowledge of Auth0 and only needs to know how to call our own login endpoint. Is this possible?

Thanks,
Ryan

shayan.memari · April 27, 2019, 3:57am

You can use the Resource owner password grant for logging users. Note that this flow should only be used for highly trusted applications that cannot do redirects (Which is what you are after).

Find below the relevant docs:
https://auth0.com/docs/api-auth/tutorials/password-grant
https://auth0.com/docs/api/authentication#resource-owner-password

rmberg · April 27, 2019, 5:09pm

Thank you, this is exactly what I was looking for.

system · May 12, 2019, 5:09pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to authenticate user using API without using login page Help auth0 , api , login	2	2195	May 19, 2021
Direct User Authentication for a Standalone REST API Help apis , application	6	1771	May 8, 2023
Authenticate auth0 user via API without login screen Help question	2	2799	October 1, 2022
Login endpoint based on username / password without using universal login Help login-experience , login-prompt-new-experience	3	1159	August 1, 2023
Full server-side authorization flow without login page Help	2	4369	September 19, 2021

API Only Authentication

Related topics