Auth0 Home Blog Docs

Requesting access_token for Box Platform Extension

authentication-api
jwt
box
#1

I am working on a solution where I am trying to authenticate with Auth0 and request an access_token for the Box Platform Extension. I am working on a dotnet core solution so after exploring tens of pages, I followed this article to do my job and try to do in dotnet core and C#. As the prerequistics I had already

  1. Enabled my Box app for “OAuth 2.0 with JWT (Server Authentication)”
  2. Generated a Pubic/Private Keypair for my Box app
  3. Configure the CORS Domains if you plan to call the Box Platform from the browser (eg: http://localhost:xxxx/api/box/upload )
  4. Downloaded the “App Settings” as a JSON file
  5. Authorized the Client ID of my Box Application in the Admin Console
  6. Enabled the Box extension on my Auth0 portal and configured it using the downloaded JSON file
  7. Installed the Extension on Auth0
  8. Configured ‘Allowed Callback URLs’ on Auth0 and ‘CORS’ on Box Developer Console.

Now when I tried to call the Auth0 Authentication API, it should make a callback to my configured Server URL, but it couldn’t. I am not sure, why? Following is the code snippet I am using:

                var client = new AuthenticationApiClient(_auth0Configs.Domain);

            var authorizationUrl = client.BuildAuthorizationUrl()
                .WithResponseType(AuthorizationResponseType.Token,
                    AuthorizationResponseType.IdToken)
                .WithClient(_auth0Configs.ClientID) // ClientID of Auth0 App
                .WithAudience(_auth0Configs.Audience) // urn:box-platform-api
                .WithRedirectUrl(_auth0Configs.RedirectUri) // http://localhost:xxxx/api/box/box-upload
                .WithScope(_auth0Configs.Scope) // openid name email get:token
                .Build();

            return Redirect(authorizationUrl.ToString());

The Url hitting this method is something like “https://xxxx.auth0.com/authorize?response_type=…”. Using this, I am getting a BadRequest response, when I tried to see the logs on Auth0 I found something like “Missing required parameter: nonce”.

Apart from this, I was also trying using

                using (HttpClient httpClient = new HttpClient())
            {
                var requestBody = new
                {
                    client_id = _auth0Configs.ClientID,
                    audience = _auth0Configs.Audience,
                    scope = _auth0Configs.Scope,
                    response_type = _auth0Configs.ResponseType,
                    redirect_uri = _auth0Configs.RedirectUri
                };

                var requestContent = new StringContent(
                    JsonConvert.SerializeObject(requestBody),
                    Encoding.UTF8,
                    "application/json");

                var result = await httpClient.PostAsync(@"https://xxxx.auth0.com/authorize", requestContent);

                //var result = await httpClient.GetAsync(authorizationUrl);
            }

While using this, I am not getting any errors or logs, getting 200 for this Post request but didn’t get any callback from Auth0. Worse !!

Any ideas? Suggestions ??