You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was hoping someone could explain why this happened. I understand that there needs to be a client grant if I'm trying to get an access_token signed by auth0 to call the resource_server.
However, the code below is getting and id_token signed with my client secret which never calls any resource server. I'm not sure why adding the resource server to the client via the auth0 management api would cause an unrelated application/auth flow to go down.
Below is the minimum repro case:
2.3.1:007 > client=Auth0Client.new(2.3.1:008 > client_id: '04a3QIRE2b0dj8s83WxdoXpdrEXAMPLE',2.3.1:009 > client_secret: 'CIxYL_Zjt_cWWMxqtvgTyHJVYHk5-CPer2j5p-A2lq9dILEF_PpBrhyNMEXAMPLE',2.3.1:010 > domain: 'domain.auth0.com',2.3.1:011 > api_version: 12.3.1:012?> )=> #<Auth0Client:0x007fd675bcbc10 @domain="domain.auth0.com", @base_uri="https://domain.auth0.com", @headers={"Content-Type"=>"application/json", "User-Agent"=>"Ruby/2.3.1", "Auth0-Client"=>"eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI0LjEuMCJ9", "Authorization"=>"Bearer h5XMQmo6YWlDtXaG99Spflmw74L8FdtMqSCCtysLRbFMLGVAMa3Msy6NZZvNmVcd"}, @timeout=10, @client_id="04a3QIRE2b0dj8s83WxdoXpdrEXAMPLE", @client_secret="CIxYL_Zjt_cWWMxqtvgTyHJVYHk5-CPer2j5p-A2lq9dILEF_PpBrhyNMEXAMPLE", @token="h5XMQmo6YWlDtXaG99Spflmw74L8FdtMqSCCtysLRbFMLGVAMa3Msy6NZZvNmVcd"># patch client to have a resource serverRequestURL:https://domain.auth0.com/api/v2/clients/04a3QIRE2b0dj8s83WxdoXpdrEXAMPLERequestMethod:PATCHStatusCode:200OK{"resource_servers":[{"identifier": "https://resource_identifier/","scopes": []}]}2.3.1:013 > client=Auth0Client.new(2.3.1:014 > client_id: '04a3QIRE2b0dj8s83WxdoXpdrEXAMPLE',2.3.1:015 > client_secret: 'CIxYL_Zjt_cWWMxqtvgTyHJVYHk5-CPer2j5p-A2lq9dILEF_PpBrhyNMEXAMPLE',2.3.1:016 > domain: 'domain.auth0.com',2.3.1:017 > api_version: 12.3.1:018?> )Auth0::AccessDenied: {"error":"access_denied","error_description":"Client is not authorized to access \"https://resource_identifier/\". You might probably want to create a \"client-grant\" associated to this API. See: https://auth0.com/docs/api/v2#!/Client_Grants/post_client_grants"}from ~/.rvm/gems/ruby-2.3.1/gems/auth0-4.1.0/lib/auth0/mixins/httpproxy.rb:24:in`block (2 levels) in <module:HTTPProxy>' from ~/.rvm/gems/ruby-2.3.1/gems/auth0-4.1.0/lib/auth0/api/authentication_endpoints.rb:21:in `obtain_access_token' from ~/.rvm/gems/ruby-2.3.1/gems/auth0-4.1.0/lib/auth0/mixins/initializer.rb:79:in `initialize_v1'from ~/.rvm/gems/ruby-2.3.1/gems/auth0-4.1.0/lib/auth0/mixins/initializer.rb:39:in`initialize_api' from ~/.rvm/gems/ruby-2.3.1/gems/auth0-4.1.0/lib/auth0/mixins/initializer.rb:17:in `initialize' from (irb):13:in `new'from(irb):13from ~/.rvm/rubies/ruby-2.3.1/bin/irb:11:in `<main>'
2.3.1:019 >
The text was updated successfully, but these errors were encountered:
I was hoping someone could explain why this happened. I understand that there needs to be a client grant if I'm trying to get an
access_token
signed by auth0 to call the resource_server.However, the code below is getting and
id_token
signed with my client secret which never calls any resource server. I'm not sure why adding the resource server to the client via the auth0 management api would cause an unrelated application/auth flow to go down.Below is the minimum repro case:
The text was updated successfully, but these errors were encountered: