Call API Using Resource Owner Password Flow

Hello,

I am trying to get the token from the API using the Password Flow following this tutorial.

I am not able to successfully call the API and I receive

{"error":"access_denied","error_description":"Unauthorized"}

I am following the tutorial and I am not sure why this is not working. Any help on this?

Hi @giorgio.zorzi,

Welcome to the Auth0 Community!

Can you please share the request (with any sensitive info removed) that is causing this error?

Hi @dan.woda,

Thank you for your reply!

I am using python following the script from the link. Here it is

import http.client
import requests

url = "https://something.eu.auth0.com/oauth/token"
client_id = 'CLIENT_ID'
client_secret = 'CLIENT_SECRET'
username = 'test_user@email.com'
password = 'password'
api_identifier = '/api'
scope = "openid profile email"

conn = http.client.HTTPSConnection("")

headers = {'content-type': "application/x-www-form-urlencoded"}

data = {
    "grant_type": "password",
    "username": username,
    "password": password,
    "audience": api_identifier,
    "client_id": client_id,
    "client_secret": client_secret,
}

resp = requests.post(
    url=url,
    headers=headers,
    json=data,
)

print(resp.text)

Can you confirm that the password grant setting is turned on you application settings?

And make sure the app is authorized to access the API you are declaring in the audience param.

Yes, I made sure that both steps are as you described

Can you try removing the audience param for the sake of debugging and see if that is causing this error?

Still getting the same error

Great, we can rule that out.

Have you enabled the connection? Also, can you DM me your tenant name and the name of the client?

Hi @dan.woda,

Yes, the connection is enabled in the application.

I DM to you the other details

I figured out the problem.

I was supposed to use

resp = requests.post(
    url=url,
    headers=headers,
    data=data,
)

instead of

resp = requests.post(
    url=url,
    headers=headers,
    json=data,
)

BTW, I had to change the python library from http (the one used in the tutorial) to requests because that was erroring out for me with

Traceback (most recent call last):
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/runpy.py", line 197, in _run_module_as_main
    return _run_code(code, main_globals, None,
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/runpy.py", line 87, in _run_code
    exec(code, run_globals)
  File "/home/gz/.vscode/extensions/ms-python.python-2022.4.1/pythonFiles/lib/python/debugpy/__main__.py", line 45, in <module>
    cli.main()
  File "/home/gz/.vscode/extensions/ms-python.python-2022.4.1/pythonFiles/lib/python/debugpy/../debugpy/server/cli.py", line 444, in main
    run()
  File "/home/gz/.vscode/extensions/ms-python.python-2022.4.1/pythonFiles/lib/python/debugpy/../debugpy/server/cli.py", line 285, in run_file
    runpy.run_path(target_as_str, run_name=compat.force_str("__main__"))
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/runpy.py", line 268, in run_path
    return _run_module_code(code, init_globals, run_name,
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/runpy.py", line 97, in _run_module_code
    _run_code(code, mod_globals, init_globals,
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/runpy.py", line 87, in _run_code
    exec(code, run_globals)
  File "/data/repos/cybrik/frontback/src/backend/test.py", line 39, in <module>
    conn.request("POST", url, payload, headers)
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/http/client.py", line 1279, in request
    self._send_request(method, url, body, headers, encode_chunked)
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/http/client.py", line 1325, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/http/client.py", line 1274, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/http/client.py", line 1034, in _send_output
    self.send(msg)
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/http/client.py", line 974, in send
    self.connect()
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/http/client.py", line 1441, in connect
    super().connect()
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/http/client.py", line 945, in connect
    self.sock = self._create_connection(
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/socket.py", line 823, in create_connection
    for res in getaddrinfo(host, port, 0, SOCK_STREAM):
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/socket.py", line 954, in getaddrinfo
    for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -2] Name or service not known

I suspect that this is a linux-specific error

1 Like

Thanks for posting your solution!