How to define Scope on API login using Machine to Machine app

davidr1 · January 21, 2019, 11:49am

I’m implementing an authentication challenge in an Apple Business Chat conversation
I’m using a Machine to Machine app with the management API.
Apple calls the authorize endpoint with the client ID of my Auth0 App - this present the Auth0 login screen.
User inputs credentials and then the oauth/token endpoint is called and an Access Token is returned to the “Agent” side.
On the Agent side, I have an app that calls /userinfo with the Access Token, but all I get in return is {}

I’ve been reading that I need to define the scope - where do I define this? Is it in the oauth/token call to Auth0 made by Apple?

davidr1 · January 22, 2019, 12:29pm

So I removed the OIDC Conformant option from the application (can be found under Advance Setting>>OAuth)
Now I get a response will all user data and meta data. Not sure this is the right approach but it works…

system · August 29, 2019, 9:11am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Multiple Auth0 APIs Get Help api , machine-to-machine	6	3073	October 6, 2021
Modify machine to machine scopes Get Help	2	3557	August 28, 2019
Minimum scopes for the Auth0 Management API Get Help	3	3456	December 23, 2021
User context with m2m application Get Help	2	3882	December 2, 2019
How to restrict users on specific end points fo the WEB API Get Help	4	4518	August 27, 2019

How to define Scope on API login using Machine to Machine app

Related topics