Auth0 Home Blog Docs

How to login with username and password and get a refresh token?

logon

#1

I am not able to login with username and password. I don’t want to use lock. I have my own beautiful login page. It was working with oauth/robut not with oauth/token with

{
      "client_id": authSettings.clientId,
      "username": loginData.email,
      "password": loginData.password,
      "connection": authSettings.connection,
      "grant_type": "password",
      "scope": "openid",
      "audience": "https://someapi.com/api"
  }

#2

The /oauth/token endpoint does not accept a connection parameter. If you want to specify it as part of the request then you need to use a different grant type and use the realm parameter. See the examples in the reference documentation. In addition, if you need a refresh token you need to include the offline_access scope and the associated API needs to allow offline access.

Something like:

{
    "client_id": authSettings.clientId, 
    "username": loginData.email, 
    "password": loginData.password, 
    "realm": authSettings.connection,  // <--
    "grant_type": "http://auth0.com/oauth/grant-type/password-realm",  // <--
    "scope": "openid offline_access", 
    "audience": "https://someapi.com/api"
}

#3

Hi @jmangelo , I’m using AuthenticationAPIClient and try to include offline_access scope, however don’t see any API to include it. Or, do we set it in Auth0 dashboard (but I don’t see any place mentions offline_access)? Could you please help me. Thanks.


#4

Assuming you refer to the Android client then if I recall correctly you can use the setScope helper method to set the request scopes and offline access would be one of them.


#5