I just recently set up a Resource Owner Password flow in Auth0, and I managed to get it working for a short period since I’ve been able to retrieve Access Tokens successfully from the /oauth/token endpoint. Unfortunately something has happened to Auth0 within the past 24 hours that has caused this setup to fail. Now every time I try to retrieve an access token I get a 401 response with the following error:
Grant type ‘password’ not allowed for the client.
I’ve tried a number of things to rectify the situation:
- Ensured my Auth0 Client and API are set up correctly. I’ve done this by comparing my Client and API to ones that I know work properly. It didn’t work.
- Recreated my Client and API and set it up correctly. It didn’t work.
- Recreated my Client and API with a brand new Connection, set up my users, set my default connection. It didn’t work.
- Created a brand new Auth0 account, set up my Client and API correctly, added my users, set up my default connection. It worked!
Is there something wrong with our https://yellowlineparking.eu.auth0.com account? The /oauth/token endpoint appears to work just fine when I create a new Auth0 account, so this seems to be the case.
Here’s the request I’m sending off to the /oauth/token endpoint, sans the client_secret, username and password.

POST https://yellowlineparking.eu.auth0.com/oauth/token HTTP/1.1
Host: yellowlineparking.eu.auth0.com
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache
Postman-Token: 3a2e9d00-9b5d-179f-aff5-d53ef44b5414

grant_type=password&client_id=OzLfjOAqwaUOanI3Yhcm31ntjbqVzlDQ&client_secret=[CLIENT_SECRET_REMOVED]&audience=https%3A%2F%2Fcashless.appyparking.com&username=[USERNAME_REMOVED]&password=[PASSWORD_REMOVED]&scope=email