In the absence of per user personal access token Personal Access Tokens or API Keys , was wondering how are auth0 customers implementing this feature? Are they managing the tokens inside their app?

Hey @amit9 - The only possible approach I’m aware of currently would be essentially using client credentials via an M2M app per user. Outside of that it’s not something that’s supported for the time being. I saw that you added to the feedback request, thanks for that!

Implementing personal access token

Get Help

ty.frith September 20, 2022, 10:45pm 12

Hey there @amit9 just following up on this - While there is no way to mint access tokens that don’t expire, in an M2M flow you should just be able to request a new token when needed. The following posts outline this:

Topic		Replies	Views
Authenticate third-party apps Get Help jwt , auth0 , app_metadata , machine-to-machine	7	3383	October 1, 2022
Client Credentials M2M Login customize token Get Help jwt , auth0 , rules , access-token	3	3808	May 11, 2020
Rules do not fire on M2M client_credentials flow Get Help rules	4	5999	May 12, 2020
Migrating rule Adding user details to access token to action Get Help jwt , auth0 , login	2	1782	December 22, 2022
Auth0 Actions for M2M to return Application metadata in JWT Get Help management-api , clients	2	1001	August 16, 2023

Implementing personal access token

Related topics