I'm trying to generate a token in a WebApi so I can call the ManagementApi to update a user's meta_data. I used code that previously worked for me and received the error:
"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client."
I understand the grant type of 'client_credentials' cannot be enabled for clients in the dashboard any longer, and when I create the client I need to specify that the endpoint is secret, so I added the following to my code:
token_endpoint_auth_method = "client_secret_post"
The code I am using to generate the token is below:

    using System.Net.Http;
    using System.Net.Http.Headers;
    using System.Text;
    using System.Threading.Tasks;
    using Newtonsoft.Json;

    // Requests a Management API access token from the tenant's /oauth/token endpoint.
    private async Task<string> GetToken()
    {
        var client = new HttpClient();
        client.DefaultRequestHeaders.Accept.Clear();
        client.DefaultRequestHeaders.Accept.Add(
            new MediaTypeWithQualityHeaderValue("application/json"));

        // JSON body of the token request.
        string payload = JsonConvert.SerializeObject(new
        {
            client_id = _auth0ClientId,
            client_secret = _authClientSecret,
            audience = $"https://{_auth0Domain}/api/v2/",
            grant_type = "client_credentials",
            // Added to the request body as described above.
            token_endpoint_auth_method = "client_secret_post"
        });
        var content = new StringContent(payload, Encoding.UTF8, "application/json");

        var stringTask = client.PostAsync($"https://{_auth0Domain}/oauth/token", content);
        var msg = await stringTask;
        var result = await msg.Content.ReadAsStringAsync();

        // The response is parsed dynamically; access_token is cast to match the return type.
        var token = JsonConvert.DeserializeObject<dynamic>(result);
        return (string)token.access_token;
    }
Even with the token_endpoint_auth_method set I still get the same error. Am I setting it in the correct place?