Passwordless Authentication grant type not allowed for client

meteabogdan · February 25, 2020, 12:06pm

What we’re trying to achieve

We’re trying to make a single page application with a custom passwordless sign-up/login form. The application would be built in react.

The problem

We’re trying to use the Authentication API found here: https://auth0.com/docs/api/authentication. It works fine to initiate a passwordless flow using the POST /passwordless/start endpoint.

However, when we try to authenticate the user, it always fails with the following error:

Grant type ‘http://auth0.com/oauth/grant-type/passwordless/otp’ not allowed for the client

According to this thread: Grant type 'http://auth0.com/oauth/grant-type/passwordless/otp' not allowed for the client. All I have to do is enable the Passwordless OTP grant. However, I tried doing that and I get the following errors

Error! Invalid grant types: http://auth0.com/oauth/grant-type/passwordless/otp

Help

dan.woda · February 25, 2020, 7:13pm

Hi @meteabogdan,

This is because that grant type is not supported by SPAs. We recommend using Universal login to accomplish passwordless in a spa. You can follow this guide to see an embedded login guide:

Hope this helps,
Dan

nikiben · February 26, 2020, 12:26am

Looks like the same issue I had at this issue here.
This is caused by the “application type” you have selected. I believe passwordless OTP is only supported in SPA & Regular Web App types.

To test this out, try creating a new application, set the application type to one of the above and then enable passwordless OTP.

dan.woda · February 26, 2020, 6:30pm

@nikiben It should be for native and regular web apps. Thanks!

dan.woda · March 11, 2020, 10:30pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.