Test project to show how auth0 can be used for authorization and authentification:
- Login
- Authentification with bearer token
- Authorization with user's scopes
-
Create Test App (Machine-To-Machine)
-
Create test user
-
Generate client token: POST
https://{domain}/oauth/token
{
"client_id":"***",
"client_secret":"***",
"audience":"https://{domain}/api/v2/",
"grant_type":"client_credentials"
}
Audience can be found in Api (API Identifier) that is used by the application:
Client id and secret can be found on Settings tab of the application
- Get test user data with generated token
GET
https://{domain}/api/v2/users/{user_id}
-
Create Client Api and set audience as Identifier:
-
Set default audience in Tenant Settings:
- Configure client to allow password grant-type
1.1 Settings -> Advanced Settings
1.2 Dashboard -> Settings -> Api Authorization Settings set Username-Password-Authentication in Default Directory
- Create token for a user that was created before:
POST https://{domain}/oauth/token
{
"client_id":"***",
"grant_type":"password",
"username": "***",
"password": "***"
}
Playground: Post /login
To make this endpoint public (usable by third parties who know only client_id) set application setting "Token Endpoint Authentication Method" to None
Note: Access to application with this settings can not authenticated with client credentials.
- Check token by getting info
Playground: Get /info
-
Add scopes to Client Api
-
Set permissions to user:
-
Create token and see scopes in this token:
