Get Access Token directly through cURL requests

mikolajbuda1337 · April 10, 2020, 7:21am

Hi,

I would like to integrate external app with my API that is secured by auth0 services. What I did I enabled “password” grant_type for my auth0 application and added it to Username-Password-Authentication database.

Now, I’m trying to get access token with:

curl --request POST \
  --url 'https://{my_domain_here}.auth0.com/oauth/token' \
  --header 'content-type: application/x-www-form-urlencoded' \
  --data grant_type=password \
  --data username=email@email.com \
  --data password=Test1234 \
  --data audience={here_custom_API_audience} \
  --data scope=read:sample \
  --data 'client_id={here_client_id}' \
  --data client_secret={here_secret}`

Unfortunately I’m getting response:

{"error":"invalid_grant","error_description":"Wrong email or password."}

It happens only when my app is connected to Username-Password-Authentication. I can also reproduce that on my Lock login page. If I disable Username-Password-Authentication connection then everything works.

What I would like to achieve is to generate token in such manner that it contains every user’s claim that is needed in my application to feed all JWT details.

Is that possible?

Thanks,
Mikołaj Buda

smorales · December 14, 2022, 7:54pm

Hi I’m having an issue connecting from my servers due to a certificate saying it has expired.
curl: (60) SSL certificate problem: certificate has expired
More details here: curl - SSL CA Certificates

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it.
I ran this command curl --verbose https://armellini.auth0.com

tibor.strausz · February 14, 2023, 8:45pm

did you find a solution. I also would like to get the token via curl so I can test my backend more easy than fire up my frontend and get it out of my cookies