Programmatically retrieve Auth0 User access token


I’m having issues trying to retrieve a test Auth0 User’s access token - it needs to be a User access token since I need the app_metadata to be populated with specific values in order to run the tests properly.

I’ve been trying to get resources owner password flow to work but 1) it’s really causing issues when trying to set it up in Go and 2) when I did get it running with cURL the token I received did not contain the app_metadata values which should have been populated by a Rule I have in place.

The Application in question is a Vue SPA. Does anyone have any ideas on how best to approach this problem?


Hi @forstmeier,

Using the ROPG flow to get a token for testing with is a viable route, what issues were you having?
As an alternative you could securely store and use a refresh token to get new access tokens for a test user -

Is your rule adding the metadata as a custom claim to the token like demonstrated here? They should be present in the associated token if so.
Make sure you have not used a protected namespace too. Using, or in your custom namespace will lead to them being ignored.

1 Like

Hi @sgo,

I was actually able to resolve my issue. I removed the audience value from my POST request data and added in the realm value. I’ll see about the refresh tokens pattern too but this seems to be working with the included custom claims values coming in as expected.


Hi @forstmeier

Are you specifying an audience in your curl command?


1 Like

Hi @john.gateley, yes, I was but I’ve since removed it and that appeared to be, in part, the solution to the issue I was running into regarding authorization .

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.