In the absence of per user personal access token Personal Access Tokens or API Keys , was wondering how are auth0 customers implementing this feature? Are they managing the tokens inside their app?

Hey @amit9 - The only possible approach I’m aware of currently would be essentially using client credentials via an M2M app per user. Outside of that it’s not something that’s supported for the time being. I saw that you added to the feedback request, thanks for that!

Implementing personal access token

Get Help

ty.frith September 20, 2022, 10:45pm 12

Hey there @amit9 just following up on this - While there is no way to mint access tokens that don’t expire, in an M2M flow you should just be able to request a new token when needed. The following posts outline this:

Topic		Replies	Views
Rules do not fire on M2M client_credentials flow Get Help rules	4	6000	May 12, 2020
Client Credentials M2M Login customize token Get Help jwt , auth0 , rules , access-token	3	3810	May 11, 2020
Retrieve app_metadata on the first login Get Help rules , app_metadata , authorization-extens , login	5	6277	March 2, 2018
Authenticate third-party apps Get Help jwt , auth0 , app_metadata , machine-to-machine	7	3387	October 1, 2022
Migrating rule Adding user details to access token to action Get Help jwt , auth0 , login	2	1782	December 22, 2022

Implementing personal access token

Related topics