Service account / tenant token

stephanie.chamblee · February 8, 2021, 5:16pm

Based on the Authorization Flow guide (Which OAuth 2.0 Flow Should I Use?) it sounds like Client Credentials flow is right for your situation since the client is the resource owner.

With Client Credentials flow, you can add tenant-specific data to tokens in custom claims by using a Client Credentials Exchange hook:

Topic		Replies	Views
Accessing the Management API as a user Get Help management-api	3	2282	May 27, 2021
OAuth flow for allowing third party applications to access API Get Help auth0 , api	4	4749	January 20, 2021
Safety of multi-tenant app and authorization Get Help jwt , id_token , multi-tenant	1	3286	August 6, 2019
Client Credentials flow - pass extra parameters into Hook Get Help client , client-credentials-g , flow	2	4865	December 14, 2018
Different API access scenarios; own SPA, tenants, third-parties Get Help api , spa , api-keys , api-authorization	5	5022	March 2, 2018

Service account / tenant token

Related topics