How to define Scope on API login using Machine to Machine app

davidr1 · January 21, 2019, 11:49am

I’m implementing an authentication challenge in an Apple Business Chat conversation
I’m using a Machine to Machine app with the management API.
Apple calls the authorize endpoint with the client ID of my Auth0 App - this present the Auth0 login screen.
User inputs credentials and then the oauth/token endpoint is called and an Access Token is returned to the “Agent” side.
On the Agent side, I have an app that calls /userinfo with the Access Token, but all I get in return is {}

I’ve been reading that I need to define the scope - where do I define this? Is it in the oauth/token call to Auth0 made by Apple?

davidr1 · August 29, 2019, 9:11am

So I removed the OIDC Conformant option from the application (can be found under Advance Setting>>OAuth)
Now I get a response will all user data and meta data. Not sure this is the right approach but it works…

system · August 29, 2019, 9:11am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.