auth0.js: Access denied - unauthorized
Hi, We are currently using the lock and my task is to change the method to API. I read the whole documentations and gits but it didn’t help with my problem. Note that the same user/pass works fine with lock. I also tested this code with user/pass only. The same error occurred. Here’s my code:
login() {
const auth0 = new Auth0.WebAuth({
domain: 'mydomain.auth0.com',
clientID: 'XXXXXXX',
});
auth0.client.login({
realm: 'Username-Password-Authentication',
username: this.refs.epost.value,
password: this.refs.password.value,
scope: 'openid profile',
}, function (err, authResult) {
alert(err.code);
console.log(err);
});
},
Response
{error: "access_denied", error_description: "Unauthorized"}
error:"access_denied"
error_description:"Unauthorized"
Request payload
client_id:"XXXX"
grant_type:"http://auth0.com/oauth/grant-type/password-realm"
password:"123456"
realm:"Username-Password-Authentication"
scope:"openid profile"
username:"test013@mydomain.com"
About this issue
- Original URL
- State: closed
- Created 7 years ago
- Reactions: 4
- Comments: 15 (4 by maintainers)
For anyone else that stumbles upon this… I had the same problem with a different solution: in the tutorial it has you create an “Email domain whitelist” rule and it says if you don’t turn it off, people won’t be able to log in… I thought I turned off, but after 30 minutes of scratching my head, I realized I didn’t. So, check that before you go crazy.
You can check that in Auth0 Dashboard -> Client -> Settings
@saikatharryc no. Client -> Tab Settings -> Client Type
@hzalaz Ugh, such a simple fix after hours of banging my head against the wall.
@sdpetersen Thank you so much, literally spent 2 days on this issue, at last your solution worked!! I am so happy.
@pooya1361 make sure the type of your client is
SPA