I have created a very simple API, and it authenticates by means of JWT. At the moment, the only consumer of that API is a React SPA, which uses Auth0 for user signup and authentication.
Everything is working fine: when a user isn’t logged in, they don’t have access, and when they are, they do. I’m still developing it, so it’s not live yet.
My problem is around user sign up.
When a new user signs up, they’re immediately prompted to allow access to their account for the API. Given that I have created both, I don’t want that extra friction and a slightly alarming message.
I feel I must have set something up wrong - but I don’t know what, based on the docs. I have enabled Roles, although I don’t really need them yet. Might that be the problem?
I want a user to automatically be able to use the API when they sign up to the SPA, without needing to grant extra permissions, and I can’t figure out how.
Many thanks,
Mark