Full server-side authorization flow without login page

I won’t have a web page, I’m just providing a REST API in which users will be able to:

  1. POST to /register with and username/email and password to create an user
  2. POST to /login with the same username/email and password to obtain an access_token
  3. Use that access_token to call other endpoints

I’m stuck in step 2.
I want to know if this use case can be accomplished using Auth0. I was able to create users using the management API and store them using a Username-Password-Authentication connection. I don’t know how to get an access_token with a HTTP request when the user gives me his email and password. All the solutions that I’ve seen points that you need to show an Auth0 login form to the user and then redirect it to your callback_url with an access_token. Once I got a token, I already know how to protect my other endpoints and how to check if the token is valid.

Is possible to accomplish this? Thank you so much!

Found the solution here :smiley:

Hi, I have a similar problem. I have a zuul router that will handle all the authorization. The request will have the user details embedded

Thanks you helped. I am using java. I think I need to use

import com.auth0.client.auth.AuthAPI; login its simpler to your javascript