Hi, community! I’m trying to create rule to implement the following flow:
- User is requesting token with password grant_type
- In rule auth0 takes token from presetup m2m client
- If successfully it makes request to my Web API (C#) get user claims
- Add this claims to user token
After 1 hour of looping due to lack of setup - I gained m2m token limitation exceeded.
Am I doing something overcomplicated and there is another way? or will I have to implement token cashing in some auth0 varible?
function (user, context, callback) {
const axios = require('axios');
const namespace = 'https://xxx';
//Request the access token
const options = { method: 'POST',
url: `https://${auth0.domain}/oauth/token`,
headers: { 'content-type': 'application/json' },
data: `{"client_id":"${configuration.Auth0_to_Backend_client_id}","client_secret":"${configuration.Auth0_to_Backend_client_secret}","audience":"${configuration.Auth0_to_Backend_audience}","grant_type":"client_credentials"}` };
axios(options)
.then( res => {
const access_token = res.data.access_token;
console.log(access_token);
const apiCallOpts = { method: 'GET',
url: `${configuration.domain}/api/users/${user.user_id}/claims`,
headers: { 'content-type': 'application/json',
'authorization': `Bearer ${access_token}`}
};
axios(apiCallOpts).then(apiRes => {
console.log(apiRes);
let idTokenClaims = context.idToken || {};
let accessTokenClaims = context.accessToken || {};
if (apiRes.claim1!== null) {
idTokenClaims[`${namespace}/claim1`] = apiRes.claim1;
accessTokenClaims[`${namespace}/claim1`] = apiRes.claim1;
}
context.idToken = idTokenClaims;
context.accessToken = accessTokenClaims;
return callback(null, user, context);
}).catch( err => {
console.log(err);
return callback(new Error('User claims getting failed'));
});
})
.catch( err => {
console.log(err);
});
}
I use this approach How do I call my API from a rule? and get this issue.
@konrad.sopala Could you comment this flow and give a piece of advice how to avoid m2m limitation exceeding?