Until this morning I could use
oauth/access_token to get an
id_token from a Facebook login token that was received using the native Facebook SDK.
Now I get error:
Grant type ‘http://auth0.com/oauth/legacy/grant-type/access_token’ not allowed for the client.
Has something changed? Is there another way to get an id_token?
This is required for proper native mobile user experience.
I assume this is because of: https://auth0.com/docs/api/authentication#social-with-provider-s-access-token
This feature is disabled by default for new tenants as of 5 June 2017 due to security implications. Please see Client Grant Types for more information.