I’m new to Auth0, so forgive me if I am misunderstanding anything obvious. I’ve been trying to follow the quickstarts to get a simple example working. No matter what I do (e.g. client type of Native or Single Page App, and various options in Lock), I can’t get a login to work via Lock… I always get the error "Grant type 'http://auth0.com/oauth/legacy/grant-type/ro' not allowed for the client." showing up in the server logs and a 403 Forbidden returned to the client.
I’ve mainly been trying in Popup mode, as eventually I’ll be using it via PhoneGap (which the PhoneGap quickstart says will work only in Popup mode). I’ve tried in the browser and via a PhoneGap app, and both have the same problem.
I granted access to the client via the management API to the following grant types:
{
  "grant_types": [
    "authorization_code",
    "implicit",
    "refresh_token",
    "password",
    "http://auth0.com/oauth/grant-type/password-realm"
  ]
}
However, if I try to grant access to http://auth0.com/oauth/legacy/grant-type/ro I get an error saying that isn’t allowed. Based on the documentation it looks like this grant type is deprecated, in which case I assume part of my Lock configuration is wrong and it shouldn’t be using it?
At this stage I’m very confused about how Lock fits in with everything and how the options on it relate to the grant type and flow that it decides to use. For example can I force it to use PKCE?
I’m initializing lock (JavaScript v10.16.0) like so:
var lock = new Auth0Lock(
  [clientid],
  [namespace],
  {
    auth: {
      redirect: false,
      sso: false,
    }
  });
It launches fine via lock.show(), but after I try to log in with an existing user it fails. The server error log (with sensitive data removed) is as follows:
{
  "body": {
    "client_id": "xyz...",
    "username": "removed@xyz.com",
    "password": "*****",
    "scope": "openid",
    "connection": "Username-Password-Authentication",
    "grant_type": "password"
  },
  "qs": {},
  "connection": "Username-Password-Authentication",
  "error": {
    "message": "Grant type 'http://auth0.com/oauth/legacy/grant-type/ro' not allowed for the client.",
    "oauthError": "unauthorized_client",
    "type": "oauth-authorization"
  }
}