I’ve created a user using a client that was set up for a web site. I’m attempting to login using another client that was set up for a mobile app. When I execute the following curl request that uses the same client_id that was used to create the user, it works fine:
curl -H "Host: ***.auth0.com" -H "Content-Type: application/json;charset=UTF-8" -H "Origin: https://***.***.com" -H "Accept: application/json, text/plain, */*" -H "User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/603.3.8 (KHTML, like Gecko) Version/10.1.2 Safari/603.3.8" -H "Referer: https://***.***.com/***" -H "Accept-Language: en-ca" --data-binary '{"client_id":"***client_id_1","username":"***@***.com","password":"Pass123","connection":"Username-Password-Authentication","grant_type":"password","scope":"openid profile","popup":false}' --compressed https://***.auth0.com/oauth/ro
I get a 200 response with an id_token and access_token.
However, when I execute the same curl request, but replacing the client_id with the client_id of the native client, I get a 400 response with the following response body:
{"error":"invalid_request","error_description":"the connection was disabled"}
I figured that this would be resolved by just enabling the Username-Password-Authentication connection on the native client - however, I don’t see any Username-Password-Authentication connection in the list I can choose from. I also took a look on the client used by the website, and don’t see Username-Password-Authentication in it’s available list of connections either.
I verified via the Users page that the user I created is there, and that the connection listed for that user is Username-Password-Authentication.
Also, I verified that the two clients are both in the same Auth0 account.
Any ideas what I could be doing wrong here?