Auth0 Home Blog Docs

How to generate Personal Access Tokens for users to consume API?

Hi There,

  • Which SDK does this apply to? auth0-js/laravel-auth0
  • Which verison of the SDK you are using? both uses the latest version.

I have been testing out Auth0 authentication for the last couple of weeks.

This is now my scenario.

Vue JS app with auth0-js that uses implicit auth against my tenant to receive id_token for user information and access_token to call my backend API (Laravel) and receive data for the JS application.

I have managed to protect all my backend API routes with the CheckJWT middleware and this is working as expected. The Laravel application even uses client credential flow to manage users through the Auth0 Management API.
Now, how would i implement “Personal Access Token” for the user to create so they can consume the Laravel API from different services?

The token should be created with no expiry time and should also identify the user to manage row-level access from the database, when created it would only be shown once for the user to copy and store it somewhere safe. A real world example would be Github’s “Personal Access Token” creation for their API to manage repos.