Auth0 Home Blog Docs

How to generate JWT and add to header via rules

jwt
client-credentials-g
generate-jwt

#1

So I’m writing some rules that will call my own user API, and I’d like to include a JWT in the request to authorise auth0 as a trusted user, I’ve created a client credentials grant user and now would like to login in the rule and include the user’s JWT, but can’t seem to find any docs, any help?


#2

There’s a few things worth clarifying here; the client credentials grant has no notion of end-user, it’s used for machine to machine communication where the resource server/API still wants to ensure it’s being called by a trusted party, but does not requires any notion of end-user.

Having said that, the rules engine can indeed be treated as a non-interactive client application and as such is eligible to perform a client credentials grants in order to get an access token suitable to call an API for which it was previously authorized. You can check the reference docs to see how to perform a client credentials exchange (it’s just a single HTTPS request so it’s not as complex as some of the end-user flows).

On your question you mixed client credentials with the notion of users and user login so if the above raises any questions please be more specific about what you’re trying to achieve.


#3