Grant type not allowed for the client about auth0.swift HOT 12 CLOSED

@haydenholligan you need to enable the grant Legacy: RO as detailed in https://auth0.com/docs/clients/client-grant-types#edit-available-grant_types.

However I'd recommend using https://github.com/auth0/Auth0.swift#sign-up-with-database-connection to create the user and then https://github.com/auth0/Auth0.swift#login-with-database-connection-via-realm to login the user (use the one with realm instead of connection in the parameters). This will shield you from any changes in the future since we are slowing moving away from the legacy grants, Auth0.swift 1.7.0 will have some deprecation in place and will have some documentation stating what grants each method needs (if applicable since not all perform Auth).

from auth0.swift.

Cool, I'll try createUser() and realm instead. Shouldn't signUp() be marked as deprecated in Xcode then? This kind of just blindly hit and was very confusing to figure out what was going on.

from auth0.swift.

It's in master pending our next release, which should be tomorrow

from auth0.swift.

Well actually it's in a PR but the same things applies

from auth0.swift.

Okay. I'm a little confused with the new createUser function. login() and the sold signUp() both returned Result<Credentials>, but createUser() just returns a DatabaseUser (tuple containing email, username, verified). What's the deal with that? Do I no longer store credentials on a user signup? Or do I call something else to get them? Maybe now I call login() following createUser()? I'm not entirely sure.

from auth0.swift.

Yes, the doc on the method should say this too, the createUser method just creates the User in a DB connection, then you are responsible of login them or not. The old signup did both at the same time (unless you sent a specific flag).

Now it should be something like to mirror the same behavior

let email: String = ....
let password: String = ....
Auth0
  .createUser(email: email, password: password, connection: "db_connection")
  .start { result in
    guard case .failure = .success else { return } //notify error
    Auth0
      .login(usernameOrEmail: email, password: password, realm: "db_connection")
      .start { /** Auth result */ }
  }

from auth0.swift.

I just noticed the quickstart guide has accessToken everywhere, my code has idToken. I'm quite sure I followed the same quickstart guide a few months ago. Was idToken replaced with accessToken?

from auth0.swift.

@haydenholligan yes, that was replaced a few months ago. Read this article for more context.

from auth0.swift.

I see. I figured this issue out, I'm having a new one where profile.email is nil after creating a user (the email is visible on auth0 dashboard). Should I create a new issue for that?

from auth0.swift.

AFAIK the default requested scope is openid, which will give you an access_token that you can use to call the /userinfo endpoint later. If you want the profile in the response to include the email you must also ask for the email scope when logging in (when you're obtaining the access_token). --> Ask openid email scope.

from auth0.swift.

Sorry, that's what I'm doing. I'm using the accessToken from login() to call userInfo().The profile I get from userInfo() has a nil email. The name is there though, set as the email address I entered...

from auth0.swift.

@haydenholligan what userInfo returns depends on the scopes during login and it will only return OIDC standard claims. To get all info you can get from userInfo you should use openid profile and that should see the email when you call https://github.com/auth0/Auth0.swift/blob/master/Auth0/Authentication.swift#L342.

If thats not the case I'd suggest you contact us via https://support.auth0.com since we cannot ask for more sensitive information here (like credentials to test, the token, etc)

from auth0.swift.