Summary: As part of our new requirement to have an in-app signup & login experience, we enabled the password grant for the application in dev, test, and prod. We successfully created user accounts (signup) but could not get user access tokens from the API (/oauth/token). This is working fine in our DEV tenant.
Currently, this is blocking us from delivering the in-app experience.
Debug details:
PROD tenant curl request (not working):
curl --location 'https://<our-auth0-domain-url>/oauth/token' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'grant_type=password' \
  --data-urlencode 'client_id=<our-client-id>' \
  --data-urlencode 'audience=https://my-audience' \
  --data-urlencode 'username=myemail@gmail.com' \
  --data-urlencode 'password=XXXXXXXXX' \
  --data-urlencode 'scope=openid email profile offline_access'
Response:
{
"error": "access_denied",
"error_description": "Unauthorized"
}
Update:
As we have the SPA application created and working in the DEV tenant, I created a new SPA application in the PROD tenant, but it is still not working, and I now receive a different error.
Response:
{
"error": "server_error",
"error_description": "Authorization server not configured with default connection."
}