Hi,
I would like to integrate external app with my API that is secured by auth0 services. What I did I enabled “password” grant_type for my auth0 application and added it to Username-Password-Authentication database.
Now, I’m trying to get access token with:
curl --request POST \
--url 'https://{my_domain_here}.auth0.com/oauth/token' \
--header 'content-type: application/x-www-form-urlencoded' \
--data grant_type=password \
--data username=email@email.com \
--data password=Test1234 \
--data audience={here_custom_API_audience} \
--data scope=read:sample \
--data 'client_id={here_client_id}' \
--data client_secret={here_secret}`
Unfortunately I’m getting response:
{"error":"invalid_grant","error_description":"Wrong email or password."}
It happens only when my app is connected to Username-Password-Authentication. I can also reproduce that on my Lock login page. If I disable Username-Password-Authentication connection then everything works.
What I would like to achieve is to generate token in such manner that it contains every user’s claim that is needed in my application to feed all JWT details.
Is that possible?
Thanks,
Mikołaj Buda