Last Updated: Jul 25, 2025
Overview
This article addresses an error that occurs when attempting to obtain a token using the Resource Owner Password Grant (ROPG) flow. When making a request to the /oauth/token
endpoint with a command similar to the one below:
curl --request POST
–url ‘https://mydomain.auth0.com/oauth/token’
–header ‘content-type: application/x-www-form-urlencoded’
–data grant_type=password
–data ‘username=###EMAIL###’
–data ‘password=###PASSWORD###’
–data ‘client_id=###CLIENT_ID###’
–data ‘client_secret=###CLIENT_SECRET###’
The request returns the following error:
{"error":"server_error","error_description":"Authorization server not configured with default connection."}
Applies To
- Resource Owner Password Grant (ROPG) Flow
- Authorization Server
- Default Connection
Cause
The Resource Owner Password Grant (ROPG) flow requires a default connection to be configured for the authorization server. This error occurs when a default connection is not set.
Solution
There are two solutions to resolve this error:
- Go to Auth0 Dashboard > Tenant Settings, and scroll down to locate the Default Directory setting.
- Enter the name of the connection you would like to use. Make sure it is capable of authenticating users by username and password.
- Configure Realm Support using password-realm grant type. Auth0 provides an extension grant that offers similar functionality to the Resource Owner Password grant, but allows you to keep separate user directories (which map to separate connections) and specify which one to use during the flow.
To use this variation, you must:
- Set the
grant_type
request parameter tohttp://auth0.com/oauth/grant-type/password-realm
. - Send an additional request parameter called
realm
, and set it to the name of the realm to which the user belongs. For example, if you have configured a database connection for internal employees namedemployees
, and your user belongs to it, then setrealm
toemployees
.