Auth0 Home Blog Docs

Restricting Client Credentials grant to specific URLs



I was able to implement the client credentials grant flow to restrict access to my API in GAE. It was relatively straightforward, it works well, but it doesn’t seem like the origin URLs setting of the client is respected in this flow. How do I tie a client ID to a specific URL, so that requests for the access token coming from other URLs are denied?


Hi @satya

May be this is what you are looking for cross-origin-authentication.

Hope this helps!


This is not relevant for client credentials grant. There is no user interaction in my authentication flow.