Auth0 call to /oauth/token from android

Hello,

I am trying to make a call from an android app to auth0 /oauth/token to get my token.

I am sending all the parameters needed but I am still getting back a 401 and I am confused why.

That’s how I send the parameters:

urlConnection = (HttpURLConnection) url.openConnection();
urlConnection.setRequestMethod(“POST”);
urlConnection.setRequestProperty(“Content-Type”, “application/x-www-form-urlencoded”);
//post parameters to url
urlConnection.setDoInput(true);
urlConnection.setDoOutput(true);
urlConnection.setRequestProperty(“Charset”, “UTF-8”);

//to add parameters in the uri
Uri.Builder builder = new Uri.Builder()
.authority(url.toString())
.appendQueryParameter(“grant_type”, grant_type)
.appendQueryParameter(“client_id”, client_id)
.appendQueryParameter(“audience”, audience)
.appendQueryParameter(“username”, email)
.appendQueryParameter(“password”, password)
.appendQueryParameter(“scope”, scope)
.appendQueryParameter(“client_secret”, client_secret);

builder.build().getEncodedQuery();
urlConnection.setReadTimeout(10000 /* milliseconds /);
urlConnection.setConnectTimeout(15000 /
milliseconds */);
urlConnection.connect();
int responseCode = urlConnection.getResponseCode();

and my responseCode=401.

I am not sure if it’s a java code problem or a auth0 call problem.

:wave: Which grant type are you specifying as your parameter? I would suggest using the Authorization Code Grant (PKCE) if this is a native application (which OAuth 2.0 flow to use). This OAuth 2.0 grant (for mobile apps) is used to access an API, so you use this endpoint to exchange an Authorization Code for a Token.

Authorization Code (PKCE):
https://auth0.com/docs/api/authentication#authorization-code-pkce-

There is also documentation here on how to perform the exchange:
https://auth0.com/docs/api-auth/tutorials/authorization-code-grant-pkce

Hello,

I am just trying to make a POST request to that url and get back the token. I have it working in postman but when I do implement it in android it just return me 401.

My grant_type it’s set for password.

Have you set the client_type to Native? (we can do this in our dashboard under Clients > Your Client Name > Settings for this) . Ive seen a 401 error thrown before when the client_type wasn’t properly set for an Android or iOS app. I will continue to investigate why we may be getting a 401 from /oauth/token

This topic was automatically closed after 14 days. New replies are no longer allowed.