Rules do not fire on M2M client_credentials flow

I can’t seem to get any user metadata in M2M client_credentials flow to get an access token.
I created an API, an M2M application, and a rule. Then I make a request like

curl --request POST \
  --url https://xxxx.au.auth0.com/oauth/token \
  --header 'content-type: application/json' \
  --data '{"client_id":"xxxxxxxxxxxxxx","client_secret":"yyyyyyyyyyyyy","audience":"https://xxxxxxxxx.com","grant_type":"client_credentials"}'

and got access token, but the rule did not fire.

Is this behavior expected? In other words, is there any way to access metadata in M2M client_credentials flow and attach some data to the access token?

Hi @tkurokawa,

Welcome to the Community

Yes, you can add user information you want in token using custom claim rule. Please see below post for refrence.

Adding Custom Claims

Solved by

and

I have to use hooks, in M2M client credentials flow, not rules.

Thank you,

2 Likes

Perfect! Glad to hear that!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.