Using the lock with config:
const lockOptions = {
auth: {
params: {
audience: 'spring-boot-jwts',
scope: 'read:sample profile',
}
},
hashCleanup: false,
}
but I get a non-JWT access token.
But a user-credentials post gets me a JWT token:
curl --request POST --url 'https://<mydomain>.auth0.com/oauth/token' --header 'content-type: application/json' --data '{"grant_type":"password","username": "<username>","password": "<password","audience": "spring-boot-jwts", "scope": "read:sample", "client_id": "<clientid>", "client_secret": "<secret>"}
The docs seem to indicate that I could turn on OIDC compliance, I would get JWTs again, but if I turn on OIDC compliance, I get errors that: “Password login is disabled for clients using externally hosted login pages with oidc_conformant flag set.”
Is there a good example to login with the Lock on an SPA and get a JWT access token provided?