Need some help with the ResourceOwnerPassword flow

Hello,

for a client i need to recreate a legacy authentication mechanism. Basically i need to call auth0 using the ResourceOwnerPassword flow with the users credentials, to get an access token. However when i use the below code the library tells me to get an idtoken, when i then add the openid scope i get an exception saying that its encrypted using HS256 which is also not supported. The client is giving me a hard time regarding changing this signing algorithm. Is there any other way that i can just retrieve an access token using the library and this flow or am i just stuck?

        var authenticationApiClient = new AuthenticationApiClient(new Uri("https://mydomain.io"));

        var tokenRequest = new ResourceOwnerTokenRequest
        {
            ClientId = "clientid",
            ClientSecret = "clientsecret",
            Scope = "myscope",
            Audience = "https://mydomain.io",
            Username = "user@company.com",
            Password = "mypw"
        };

        var response = await authenticationApiClient.GetTokenAsync(tokenRequest);

Hi @Demoric,

Welcome to the Auth0 Community!

You would need to change your application’s signing algorithm to one that is supported, like RS256.

Thanks,
Rueben

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.