Does Resource Owner Password Grant Authentication accept email address?

Hi :slight_smile:

We’re looking at attempting to silently log someone in after having given us a password which we then create an account in auth0 with.

Ideally, we’d not want to redirect them to auth and then back.

I’ve been playing around with the Resource Owner Password Grant method but it seems that the credentials require a USERNAME but we’re not using USERNAME’s and I wondered if email address worked here? I can’t seem to get it to work using the API Debugger or postman, so I suspect not, please confirm :slight_smile:

Hi @SG-1,

Welcome to the Community!

You should be able to use an email for the username. Can you tell me how you are making the request and what is failing?

Hey, thanks for your reply :slight_smile:
I’m using /oauth/token

with headers ‘Content-Type’ : 'application/json’

{
	'client_id' : AUTH0_CLIENT_ID,
		'grant_type' : 'password',
		'password' : '*******',
		'scope' : 'openid name email nickname',
		'username' : '***@***.com',
}

But I just get the response of

{"error":"access_denied","error_description":"Unauthorized"}