Grant_types "password" not committing after "Patch"

john.markovich · May 21, 2020, 4:08pm

Patched my application with the following grant_types:

"token_endpoint_auth_method": "client_secret_post",
"app_type": "regular_web",
"grant_types": [
    "implicit",
    "authorization_code",
    "refresh_token",
    "client_credentials",
    "password"
],
"custom_login_page_on": false

}
Response Code: 200
Status: OK

But when I try perform
“grant_type”: “http://auth0.com/oauth/grant-type/password-realm”

Receive this error:

Response Body: {
“error”: “unauthorized_client”,
“error_description”: “Grant type ‘http://auth0.com/oauth/grant-type/password-realm’ not allowed for the client.”,
“error_uri”: “Application Grant Types”
}
Response Code: 403
Status: Forbidden

Can login, uncheck “password” box, recheck “password” box and “Save Changes” works.

dan.woda · May 22, 2020, 6:26pm

Hi @john.markovich,

Welcome to the Community!

When I check the box in the dashboard it adds password and realm support to the grant types.

"grant_types": [
    "authorization_code",
    "implicit",
    "refresh_token",
    "client_credentials",
    "password",
    "http://auth0.com/oauth/grant-type/password-realm"
  ]

I think password refers to password support, and the URI refers to realm support. It is outlined in this doc.

Not sure why there is the naming convention difference, but for the grant you are requesting you need to add the http://auth0.com/oauth/grant-type/password-realm in the array.

Let me know if that doesn’t solve it,
Dan

system · June 6, 2020, 6:26pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.