Hi all,
my understanding is: A software, where other applications can connect and do things is (in OAuth2-lingo) a resource-server.
In Auth0 this is an “API”.
My resource-server needs client-id and client-secret (more or less: user and password) to connect to auth0.
But: If I define an API, I can’t see client-id and client-secret - I can only see “Id”.
Where to find client-id and client-secret for an API?
Uli
Hello @uherbst!
You’re correct in your understanding of a resource server’s function! However, an API as it is registered in Auth0 won’t have a client id nor client secret, only clients/applications will and will instead be referenced by the audience param (the identifier of the API) from other applications. Depending on your setup, the application could be machine to machine (m2m) where no user is involved, or a web app, SPA, native, etc. I recommend checking out the following docs outlining general architectural scenarios, it’s pretty handy when it comes to understanding how all the different pieces come together in action!
Hope this helps!
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.