Unauthorized for oauth/token grant type password Native App

ngthailam · January 16, 2023, 4:03am

Hi,

Context
I am creating a Native App where we want to authorize user with our native login form. I successfully used the dbconnections/signup endpoint to create a new user.

The problem:
For the oauth/token endpoint, I am getting

{
    "error": "access_denied",
    "error_description": "Unauthorized"
}

This is my cUrl ( this is a test app I created )

curl --location --request POST 'https://dev-uc7nx3l56liil03z.us.auth0.com/oauth/token' \

--header 'Content-Type: application/x-www-form-urlencoded' \

--header 'Cookie: did=s%3Av0%3A55a459f0-9550-11ed-8ece-25f26b66f3fc.S%2BAunX5GHOL3qjtG7atjL3AR9QvMlQ7b%2B3LI%2BqCwVpI; did_compat=s%3Av0%3A55a459f0-9550-11ed-8ece-25f26b66f3fc.S%2BAunX5GHOL3qjtG7atjL3AR9QvMlQ7b%2B3LI%2BqCwVpI' \

--data-urlencode 'grant_type=password' \

--data-urlencode 'client_id=i89ZfhJY1fI4gVnbyjrn0ZBukxPucUfz' \

--data-urlencode 'username=xeixujocreke-1762@yopmail.com' \

--data-urlencode 'password=@Aab123456'

The password is the password I sent in the dbconnections/signup, and the username is the email since I didnt provide a custom username.

The Application type is Native Application, and I have checked, there’s no rules involved.

Can someone help me with this. Thanks

rueben.tiow · January 19, 2023, 5:59pm

Hi @ngthailam,

Welcome to the Auth0 Community!

After my investigation, I found that your Application (i89ZfhJY1fI4gVnbyjrn0ZBukxPucUfz) has not yet enabled the Password Grant-Type in the advanced settings:

Given that, I recommend enabling the Password Grant-Type in your Application’s advanced settings for the Resouce Owner Password Grant flow to work properly.

See our documentation on how to update your Application’s Grant Types.

Please let me know if you have any further questions.

Thanks,
Rueben

ngthailam · January 31, 2023, 1:49am

Sorry for the late reply. We were celebrating Lunar new year in my country.

Thanks for the great help, I must have missed that. I’ve successfully managed to call the API successfully after your suggestion.

Nice to know the community blog is still managed and questions are answered.

Many thanks, keep up the good work.

system · February 14, 2023, 1:49am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.