Hi,
I’m new to Auth0 and I’m trying to see if I can use it to create a custom login form on my website and authenticate a user using the authentication API. I found this page - Authentication API Explorer - and thought it’s the best option for what I’m trying to do. I downloaded the postman collection and followed the instructions on this page - Call Your API Using Resource Owner Password Flow. However, when I started testing it, it always gives me a 401 error:
{
"error": "access_denied",
"error_description": "Unauthorized"
}
I googled a bit more and found that I can enable the Password grant type, but even after doing this, I still get a 401 error. Am I missing something?
Some details:
- I’m using a Free Auth0 plan
- I’m testing using a user I created in the User Management page:
- Here’s the request/response in postman:
Regards,
Marlon
Hey @ponki.d.monkey, Welcome to the Auth0 Community!
From the looks of it you request seems correct, I checked your tenant as well and it looks ok, only
thing i suspect is your client_id , I think there is a trailing space in there, can you check it?
Regards,
Sidharth Chaudhary
Hi,
Thanks for your reply.
I checked the client_id on my request and it doesn’t have a trailing space. And just to be sure, I copied it again using the Copy to clipboard button from my application details page. I also double checked all other request parameters if they have a trailing space and they have none. Not sure if it’s worth trying to post from a sample custom login page. What do you think?
Regards,
Marlon
Hey Marlon, Can you DM me a Curl version of your token request(removing the secret)? I will replace with my params and try on my side as well
Ok sure. Give me a sec. I’ll just compose the curl request and DM it to you.
i am also facing same issue , can i please get help
Thanks i fixed it i am able to generate token now 
1 Like
Wooohooo! Glad to hear that!
Can you say what you’ve changed? For the benefit of the rest of community
Please share the fix with everyone 
Hello, I am having the same issue. Would appreciate some help on this. Thanks
@soni.sinha for visbility
I’m having the same issue and the problem here is that if fails with the “Unauthorized” error and I can’t find any other details to troubleshoot the issue.
My setup works on other environments but on the Stage server. I’m sure I have everything configured identically but still can’t figure out the issue.
I’m able to log in but then my SPA fails with an “Unauthorized” error .
Where can I get more details about the problem? Do you have any kind of debug logs to have more details about the actual reason of the failure?
For anyone having the same problem, While using postman i was using form-data instead of x-www-form-urlencoded while using Content-Type:application/x-www-form-urlencoded as header.
2 Likes
Thanks for sharing it with the rest of community!
The easiest way to fix is using postman collection from here https://github.com/auth0/postman-collections, look for Get Access Token/Resourse Owner Password request. Pay attention that client_id and other keys are set in request body but not Params, except Content-Type which is set in header.
Thanks for sharing that with the rest of community!
