I need to test the server-side code in my application. I have tried a number of approach and settled on using the client_credentials grant type. My code looks like:
url = ‘https://%s/oauth/token’ % AUTH_DOMAIN
headers = {‘content-type’: ‘application/json’}
parameter = { “grant_type”: “client_credentials”,
“client_id”:AUTH_CLIENT_ID,
“client_secret”: AUTH_CLIENT_SECRET,
“audience”: ‘AUTH0_AUDIENCE’}
responseDICT = json.loads(requests.post(url, json=parameter, headers=headers).text)
I get a ‘Grant type \‘client_credentials\’ not allowed for the client.’ From the dashboard, I go to the Advanced Settings for the application and click on Grant Types. Client Credentials is greyed-out because the Token Auth Endpoint is “none”. The Token Auth Endpoint is also greyed-out and I can’t modify it.
Two questions:
- Is the approach sound? I’ve spent quite a bit of time on this, and would like to avoid more dead-ends.
- Are the client credentials and token auth endpoint settings greyed-out a permissions error, or am I missing something?
Help much appreciated! I have also tried getting the password access token, but this has also failed. My suspicion is that the problem is in the application settings but as I mentioned above I’m not sure how or if I can set them.