I am using emberjs with auth0 to log in. Normally I enter username and password and I get a valid token which I send to api etc.
Now, I want to write some tests on api and I always need a valid token. My token expires in a day. So to run tests I always have to manually change the token sample.
So I want to get a token somehow from api? is possible and how?
Very good question. An easy way to do this for tests, is to use a Client Credentials Grant Flow. Since you want an access token from within a test, you can treat this as a machine to machine flow.
Here is an example where I am doing this from a test to receive an Auth0 Management API v2 access token. And the corresponding test too. And here is where I use that access token lookup as part of a separate test. However, the same principle applies whether it the Auth0 specific Management API or an API you have defined yourself in the Auth0 Dashboard (under APIs) using a Non-Interactive Client and your own audience.
The "shape" of the call is pretty much as follows:
{
method: 'POST',
url: 'https://{TENANT}.auth0.com/oauth/token',
headers: { 'content-type': 'application/json' },
body: '{
"client_id":"{CLIENT ID}",
"client_secret":"{CLIENT SECRET},
"audience":"https://{tenant}.auth0.com/api/v2/",
"grant_type":"client_credentials"
}'
};
You call the oauth/token
endpoint, and pass clientId, clientSecret, audience (for that api), and grant-type (client_credentials
). If doing this with emberjs / php - it is very similar - If you create a new Client in Auth0 Dashboard and choose Non Interactive
client type, then hit Quick Start
- it will guide you through setup (if needed). See screenshot below, and feel free to leave comments if you have any probs.