What are the Slack Archives?

It’s a history of our time together in the Slack Community! There’s a ton of knowledge in here, so feel free to search through the archives for a possible answer to your question.

Because this space is not active, you won’t be able to create a new post or comment here. If you have a question or want to start a discussion about something, head over to our categories and pick one to post in! You can always refer back to a post from Slack Archives if needed; just copy the link to use it as a reference..

Hey everyone, I'm looking into how to integrate Spryker OS with Auth0 and i stumbled upon the follow

U03309KTPTJ Posts: 4 🧑🏻‍🚀 - Cadet

Hey everyone,
I'm looking into how to integrate Spryker OS with Auth0 and i stumbled upon the following documentation:
The docs mentions a POST /token endpoint but regardless of what user Im trying to get a token to I get the same error message (this error message is also included in the documentation but no solution was provided)

    "error": "invalid_grant",
    "error_description": "The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."

I have verified the credentials both by logging in via Yves UI and also via this REST endpoint: /access-tokens [this returned access and refresh tokens for the same user]

    "username": "<mailto:spencor.hopkins@spryker.com|spencor.hopkins@spryker.com>",
    "password": "**********" 

The questions are
1: How to solve the error
2: Is there any documentation/example for auth0 integration?

I have bootstrapped the b2b-demo-shop locally using deploy.dev.yml

Managing customer authentication tokens via OAuth 2.0 | Spryker Documentation
This endpoint allows authenticating as a customer and refreshing customer authentication tokens via OAuth 2.0.


  • Eugenia Poidenko
    Eugenia Poidenko Sprykee Posts: 145 🧑🏻‍🚀 - Cadet


    The problem with your request might be that you are sending JSON. Note how you need to send the Content-Type: application/x-www-form-urlencoded

    Try this:

    curl --location --request POST '<http://glue.de.spryker.local/token>' \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --data-urlencode 'grant_type=password' \
    --data-urlencode 'username=spencor.hopkin@spryker.com' \
    --data-urlencode 'password=********' 
  • U032N7WF908
    U032N7WF908 Posts: 1 🧑🏻‍🚀 - Cadet

    @UQKSAARKN awesome, thanks this worked for me

  • U03309KTPTJ
    U03309KTPTJ Posts: 4 🧑🏻‍🚀 - Cadet

    @UQKSAARKN x-www works perfect!