Oauth with Auth0 not substituting OAUTH2_TOKEN

  • Goal: I am trying to authenticate with Oauth Client Credentials flow via Auth0

  • Steps: I have read the docs and other questions in the forum

  • Details: The token exchange is successful. I can see that in the Auth0 logs. However when the request makes it to my server the header is still Authorization: Bearer OAUTH2_TOKEN suggesting something went wrong between receiving the token from Auth0 and sending it to my resource server

Log from my server:

handlers/middleware.go:104    Authorization header: Bearer OAUTH2_TOKEN

Screenshot from Auth0 Logs:

Retool Configuration:

1 Like

I realised that actually my Test Connection requests aren't making it to Auth0. I have tried a Custom Auth too now and it also doesn't work. But I can confirm that the client works

POST https://prop.eu.auth0.com/oauth/token
Headers:
  Content-Type: application/x-www-form-urlencoded
Form post:
  client_id: taRRC8........................................
  client_secret: <masked>
  grant_type: client_credentials
  scope: read:all
  audience: https://graphql.propylitics.com/v1/

200
1 Like

I have also tried the auth0 specific with type now and it also doesn't work

There are no logs in Auth0 the only ones are actually from me curling the token endpoint to prove the client is configured correct. Otherwise requests don't appear to be making it.

I also have a new server log

handlers/middleware.go:104    Authorization header: Bearer undefined

Hi @brenwell! Welcome to the community. :wave:

And thanks for reaching out - this looks like an interesting issue. To start, I'm pretty sure that testing the resource connection isn't expected to re-authenticate, meaning that you wouldn't see any activity in the Auth0 logs.

Can you try the following?

  1. Define the "Auth0 Client Credentials" authentication flow.
  2. Verify that Retool connects to Auth0 and retrieves an access token.
  3. Test the connection to your resource server.

Let me know if any of those steps fail so that we can hone in on the source of the issue!

1 Like