Generic token/API key

I am working on an App that is secured with auth0 but we want users who are NOT signed into our android/ios app to be able to make requests with a default/hardcoded JWT that has very limited GET request access. My question is if we can create an access token that doesn’t expire or possibly have some sort of API key that we can cycle every couple of months.

Hey @sam.gosman welcome to the community!

While Auth0 doesn’t support this functionality exactly, it sounds like using an M2M/client credentials flow might suit your needs:

https://auth0.com/docs/get-started/authentication-and-authorization-flow/call-your-api-using-the-client-credentials-flow

There’s an existing request to add this functionality if you would like to upvote.

Keep us posted!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.