I’m using Authentication API Debugger to test the Grant Password oauth endpoint and I’m hitting it with the following
POST https://MY_DOMAIN.auth0.com/oauth/token
{
And I keep getting unauthorised - I’ve trolled through the doco for hours and I have the correct grant type and the password is definitely correct so I’m stuck as to what I’m doing wrong.
Any help gratefully appreciated.
Cheers
Craig
1 Like
Hi @craig.wildgoat ,
Welcome to the Auth0 Community!
I understand that you are encountering problems using the Authentications API Debugging, specifically with the Unauthorized error.
Having looked closely at your POST request, it appears that you are missing the client_secret parameter.
For example:
curl --request POST \
--url 'https://YOUR_DOMAIN/oauth/token' \
--header 'content-type: application/x-www-form-urlencoded' \
--data grant_type=password \
--data username=user@example.com \
--data password=pwd \
--data audience=YOUR_API_IDENTIFIER \
--data scope=read:sample \
--data client_id=YOUR_CLIENT_ID \
--data client_secret=YOUR_CLIENT_SECRET
You may find our docs on Resource Owner Password Flow useful:https://auth0.com/docs/authorization/flows/call-your-api-using-resource-owner-password-flow#example-post-to-token-url
Please let me know how this works for you.
Thank you.
system
November 9, 2021, 5:51pm
5
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.