I am currently using @auth0/nextjs-auth0 to implement auth0. I have implemented in the backend using the start guide. However I also have a python API that I want to call from my frontend but I want to get the access token in my Python backend as well.
What would be the best way to go about this? I do not really want to call my backend api from node api as that would just require me repeating all the methods again in my node api just to call the Python api. Ideal situation would be to just be able to pass the access token somehow to my Python api. Any ideas?
Welcome to the Auth0 Community!
In this case, you could use the
client_credentials grant flow to get the access token for your APIs. Please take a look at this documentation for more details.
Please let me know how this goes for you.
I do not think this is the solution for me. If am not mistaken the client grant is from machine to machine, which is not my case. Actually that is what I am trying to avoid. I have:
- A nextjs site that has a backend (which are essentially serverless functions) which handles the auth using @auth0/nextjs-auth0 package.
- The frontend which is obviously also using nextjs, and authenticates through the new login experience and hits the nextjs (node) backend talked about above.
- Lastly I have a python api which I am trying to figure out how to get it to the access token to it. (This api has to be user aware and would be hit by the frontend).
Let me know if something does not make sense or is unclear
Thank you for your response.
In this scenario, you could specify the
scope parameters in the
/authorize request when you Call Your API Using the Authorization Code Flow.
You will need to specify your Python API audience as the
audience parameter along with the necessary permissions in the
Once you have completed the flow, you can pass the code to the
/oauth/token endpoint to obtain your access token with access to your Python API.
Please let me know if you have any questions or need further clarification.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.