Call API Using Resource Owner Password Flow

giorgio.zorzi · April 14, 2022, 11:49am

Hello,

I am trying to get the token from the API using the Password Flow following this tutorial.

I am not able to successfully call the API and I receive

{"error":"access_denied","error_description":"Unauthorized"}

I am following the tutorial and I am not sure why this is not working. Any help on this?

dan.woda · April 14, 2022, 3:12pm

Hi @giorgio.zorzi,

Welcome to the Auth0 Community!

Can you please share the request (with any sensitive info removed) that is causing this error?

giorgio.zorzi · April 14, 2022, 5:55pm

Hi @dan.woda,

Thank you for your reply!

I am using python following the script from the link. Here it is

import http.client
import requests

url = "https://something.eu.auth0.com/oauth/token"
client_id = 'CLIENT_ID'
client_secret = 'CLIENT_SECRET'
username = 'test_user@email.com'
password = 'password'
api_identifier = '/api'
scope = "openid profile email"

conn = http.client.HTTPSConnection("")

headers = {'content-type': "application/x-www-form-urlencoded"}

data = {
    "grant_type": "password",
    "username": username,
    "password": password,
    "audience": api_identifier,
    "client_id": client_id,
    "client_secret": client_secret,
}

resp = requests.post(
    url=url,
    headers=headers,
    json=data,
)

print(resp.text)

dan.woda · April 14, 2022, 6:08pm

Can you confirm that the password grant setting is turned on you application settings?

And make sure the app is authorized to access the API you are declaring in the audience param.

giorgio.zorzi · April 14, 2022, 6:45pm

Yes, I made sure that both steps are as you described

dan.woda · April 14, 2022, 6:47pm

Can you try removing the audience param for the sake of debugging and see if that is causing this error?

giorgio.zorzi · April 14, 2022, 8:44pm

Still getting the same error

dan.woda · April 15, 2022, 1:16pm

Great, we can rule that out.

Have you enabled the connection? Also, can you DM me your tenant name and the name of the client?

giorgio.zorzi · April 18, 2022, 7:02am

Hi @dan.woda,

Yes, the connection is enabled in the application.

I DM to you the other details

giorgio.zorzi · April 21, 2022, 12:23pm

I figured out the problem.

I was supposed to use

resp = requests.post(
    url=url,
    headers=headers,
    data=data,
)

instead of

resp = requests.post(
    url=url,
    headers=headers,
    json=data,
)

BTW, I had to change the python library from http (the one used in the tutorial) to requests because that was erroring out for me with

Traceback (most recent call last):
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/runpy.py", line 197, in _run_module_as_main
    return _run_code(code, main_globals, None,
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/runpy.py", line 87, in _run_code
    exec(code, run_globals)
  File "/home/gz/.vscode/extensions/ms-python.python-2022.4.1/pythonFiles/lib/python/debugpy/__main__.py", line 45, in <module>
    cli.main()
  File "/home/gz/.vscode/extensions/ms-python.python-2022.4.1/pythonFiles/lib/python/debugpy/../debugpy/server/cli.py", line 444, in main
    run()
  File "/home/gz/.vscode/extensions/ms-python.python-2022.4.1/pythonFiles/lib/python/debugpy/../debugpy/server/cli.py", line 285, in run_file
    runpy.run_path(target_as_str, run_name=compat.force_str("__main__"))
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/runpy.py", line 268, in run_path
    return _run_module_code(code, init_globals, run_name,
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/runpy.py", line 97, in _run_module_code
    _run_code(code, mod_globals, init_globals,
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/runpy.py", line 87, in _run_code
    exec(code, run_globals)
  File "/data/repos/cybrik/frontback/src/backend/test.py", line 39, in <module>
    conn.request("POST", url, payload, headers)
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/http/client.py", line 1279, in request
    self._send_request(method, url, body, headers, encode_chunked)
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/http/client.py", line 1325, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/http/client.py", line 1274, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/http/client.py", line 1034, in _send_output
    self.send(msg)
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/http/client.py", line 974, in send
    self.connect()
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/http/client.py", line 1441, in connect
    super().connect()
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/http/client.py", line 945, in connect
    self.sock = self._create_connection(
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/socket.py", line 823, in create_connection
    for res in getaddrinfo(host, port, 0, SOCK_STREAM):
  File "/home/gz/.pyenv/versions/3.9.7/lib/python3.9/socket.py", line 954, in getaddrinfo
    for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -2] Name or service not known

I suspect that this is a linux-specific error

dan.woda · April 21, 2022, 3:15pm

Thanks for posting your solution!