Support Auth0 client credentials flow

Auth0 now has the capability to handle the client credentials grant flow. See Client Credentials Flow.

The token that is generated has a different format for claims than the standard user claim.

Claims look like this:

{
  "iss": "https://3dsim.auth0.com/",
  "sub": "PV2AvGcMjOFErV6QposKnfrUdt8yPuHI@clients",
  "aud": "https://workflow-qa.3dsim.com",
  "exp": 1474728993,
  "iat": 1474642593,
  "scope": "write:workflows read:workflows"
}

So to support this, I imagine Tyk would need to recognize that the client is actually sent in the sub field instead of the aud field.

Created a GitHub issue here as well: Feature request: Support Auth0's client credentials grant flow · Issue #299 · TykTechnologies/tyk · GitHub


We might need to make this an explicit client credentials flow. Can see the value for service-to-service support here; client credentials was late to the party at Tyk when we set up OAuth :-/
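An added example (not code from the thread or from Tyk) of the lookup the original post asks for: take the client ID from `sub` when it carries the `@clients` suffix, otherwise fall back to `aud`. The helper name `clientIdentity` is hypothetical, and the code assumes the token's signature, `iss`, `exp` and `aud` have already been validated upstream.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// Constructed sample: the claims from the post, assumed already signature-verified.
const samplePayload = `{"iss":"https://3dsim.auth0.com/","sub":"PV2AvGcMjOFErV6QposKnfrUdt8yPuHI@clients","aud":"https://workflow-qa.3dsim.com","exp":1474728993,"iat":1474642593,"scope":"write:workflows read:workflows"}`

type claims struct {
	Sub   string          `json:"sub"`
	Aud   json.RawMessage `json:"aud"` // may be a string or an array (RFC 7519)
	Scope string          `json:"scope"`
}

// clientIdentity (hypothetical helper) returns the client ID, whether the token
// came from the client credentials grant, and the space-separated scopes.
func clientIdentity(payload []byte) (id string, machine bool, scopes []string, err error) {
	var c claims
	if err = json.Unmarshal(payload, &c); err != nil {
		return "", false, nil, err
	}
	scopes = strings.Fields(c.Scope)
	// Client credentials token: sub is "<client_id>@clients" and aud is the
	// API identifier, so aud must not be treated as the client here.
	if strings.HasSuffix(c.Sub, "@clients") {
		if id = strings.TrimSuffix(c.Sub, "@clients"); id == "" {
			return "", false, nil, errors.New("empty client id in sub")
		}
		return id, true, scopes, nil
	}
	// User token: per the post, the client is carried in aud.
	var one string
	var many []string
	if json.Unmarshal(c.Aud, &one) == nil && one != "" {
		return one, false, scopes, nil
	}
	if json.Unmarshal(c.Aud, &many) == nil && len(many) == 1 {
		return many[0], false, scopes, nil
	}
	return "", false, nil, errors.New("missing or ambiguous aud: cannot determine client")
}

func main() {
	fmt.Println(clientIdentity([]byte(samplePayload)))
}
```

A missing `aud` or one with several entries is rejected rather than guessed at, so a token cannot be mapped to the wrong client's policy.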