How can I get acess_token of my API in Angular app?

leonardo.lima · June 15, 2022, 7:16pm

I try to get the access token of my API and I have CORS error on the console:

Access to XMLHttpRequest at ‘https://altatechti.us.auth0.com/oauth/token’ from origin ‘http://localhost:4200’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

I created this function

getToken() {
    const headers = new HttpHeaders({
      'Content-Type': 'application/json',
    })
    return this.httpClient.post(
      this.tokenUrl,
      '[{"client_id": "", "client_secret": "", "audience": ", "grant_type":""}]',
      { headers: headers })
  }

Am I doing something wrong?

rueben.tiow · June 16, 2022, 8:43pm

Hi @leonardo.lima,

Welcome to the Auth0 Community!

I understand that you would like to get an Access Token of your custom API in your Angular application.

After looking at your function, I did not find anything that stands out as to why you are encountering a CORS error when Calling your API using the Client Credentials Flow.

In this case, I recommend using the code snippet provided on your Auth0 Dashboard to get an Access Token for your API. To do so, please navigate to your Auth0 Dashboard > Applications > APIs > YOUR_API and click on the Test tab.

On that page, click on Node.JS and select your M2M application from the drop-down list. With that, use the code snippet provided in the interface in your Angular app. This should provide a working code snippet for calling your API using the Client Credentials flow. See below for clarity:

Here is the code snippet skeleton below as well:

var request = require("request");

var options = { method: 'POST',
  url: 'https://YOUR_DOMAIN.REGION.auth0.com/oauth/token',
  headers: { 'content-type': 'application/json' },
  body: '{"client_id":"YOUR_CLIENT_ID","client_secret":"YOUR_CLIENT_SECRET","audience":"YOUR_AUDIENCE_IDENTIFIER","grant_type":"client_credentials"}' };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

Lastly, I have tested this request and confirm that I could successfully get an Access Token for my API.

I hope this helps!

Please let me know if you need any help with this.

Thank you.