Resource Owner Password Grant (ROPG) Flow Returns Authorization Server Not Configured With Default Connection Error

Last Updated: Jul 25, 2025

Overview

This article addresses an error that occurs when attempting to obtain a token using the Resource Owner Password Grant (ROPG) flow. When making a request to the /oauth/token endpoint with a command similar to the one below:

curl --request POST
–url ‘https://mydomain.auth0.com/oauth/token’
–header ‘content-type: application/x-www-form-urlencoded’
–data grant_type=password
–data ‘username=###EMAIL###’
–data ‘password=###PASSWORD###’
–data ‘client_id=###CLIENT_ID###’
–data ‘client_secret=###CLIENT_SECRET###’

The request returns the following error:

{"error":"server_error","error_description":"Authorization server not configured with default connection."}

Applies To

  • Resource Owner Password Grant (ROPG) Flow
  • Authorization Server
  • Default Connection

Cause

The Resource Owner Password Grant (ROPG) flow requires a default connection to be configured for the authorization server. This error occurs when a default connection is not set.

Solution

There are two solutions to resolve this error:

  1. Set the default connection for the tenant.
  • Go to Auth0 Dashboard > Tenant Settings, and scroll down to locate the Default Directory setting.
  • Enter the name of the connection you would like to use. Make sure it is capable of authenticating users by username and password.
  1. Configure Realm Support using password-realm grant type. Auth0 provides an extension grant that offers similar functionality to the Resource Owner Password grant, but allows you to keep separate user directories (which map to separate connections) and specify which one to use during the flow.
    To use this variation, you must:
  • Set the grant_type request parameter to http://auth0.com/oauth/grant-type/password-realm.
  • Send an additional request parameter called realm, and set it to the name of the realm to which the user belongs. For example, if you have configured a database connection for internal employees named employees, and your user belongs to it, then set realm to employees.

Related References

1 Like