Hello,
Hope someone can shed some light on a recent issue I have with /oauth/token api with resource owner password.
I created an account roughly three weeks ago and I followed the documentation docs/password-grant.md at master · auth0/docs · GitHub to get a token with username and password. I’ve set default directory to Username-Password-Authentication and added password to grant types of my application. My curl command to test as below:
curl -X POST
https://[DOMAIN_REMOVED].eu.auth0.com/oauth/token
-H ‘Cache-Control: no-cache’
-H ‘Content-Type: application/x-www-form-urlencoded’
-H ‘Postman-Token: bb7ed953-ffbe-428f-ac12-8c4af95fc7fa’
-d ‘client_id=JXCE5sjNdY6PH4Wjtfx14Y8eiS9VOpmC&username=[USERNAME_REMOVED]&password=[PASSWORD_REMOVED]&grant_type=password’
Response I kept getting is {“error”:“invalid_request”,“error_description”:“Redirection is not available on /oauth/token endpoint.”}
Out of frustration after trying and googling, someone said to create a new account back in July. So I created a new account and set up my first app and other configs accordingly. The same curl command with the new client ID and domain url, this time I received a valid token!
I tried to compare configs between the two accounts I created but I couldn’t spot any difference.
It would be great if anyone could help here!