How to generate and pass access token to the login end point in the custom database action script

I have a custom database connection and in my login action script I am calling an API/WS endpoint that requires access token, How do I generate access token in the action script and pass it to the endpoint?

Below is the Auth0 documentation suggesting the same using client credentials flow in rules, my understanding of rules is that they execute after the authentication/login is done and used to modify the access token that’s already generated.

Auth0 Documentation:
"Determine if they are accessing their database directly versus through an API.** This item is not a requirement; it is a recommended best practice. A database interface is extremely open. You should add protections between an API endpoint and your database. Most people do not expose their database directly to the internet. Though you can whitelist Auth0 IPs, those IPs are shared in the cloud environment. In general, Auth0 recommends that you protect your database from too many actors directly talking to it. The alternative is to create a simple API endpoint that each script within Auth0 can call. That API can be protected using an access token. You can use the client credentials flow to get the Access Token from within the rules.

Hi @rmannuru,

Take a look at this doc on how to implement the client credentials grant:

You should be able to copy the code from the node implementation (with your client id and secret added) and receive a token.

Let me know if you run into problems.


1 Like

Thanks Dan, that’s very helpful!!!

1 Like

Glad you got it figured out!

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.