Update Grant Types

You can change your application's grant types using the Auth0 Dashboard or the Management API.

Use the Dashboard

  1. Go to Dashboard > Applications > Applications and select the name of the application to view.

    Dashboard Applications List
  2. Scroll to the bottom of the page, and select Show Advanced Settings.

  3. Select Grant Types, and enable or disable the appropriate grants for the application. When finished, select Save Changes. The device code grant type is only available for native apps.

    Dashboard Applications Application Settings Tab Advanced Settings Grant Types tab

Use the Management API

Make a PATCH call to the /Clients/patch_clients_by_id endpoint. Be sure to replace YOUR_CLIENT_ID, MGMT_API_ACCESS_TOKEN, and GRANT_TYPE placeholder values with your client ID, Management API access token, and desired grant type, respectively.


to configure this snippet with your account

curl --request PATCH \
  --url 'https://YOUR_DOMAIN/api/v2/clients/YOUR_CLIENT_ID' \
  --header 'authorization: Bearer MGMT_API_ACCESS_TOKEN' \
  --header 'cache-control: no-cache' \
  --header 'content-type: application/json' \
  --data '{ "grant_types": "GRANT_TYPES" }'

to configure this snippet with your account

var client = new RestClient("https://YOUR_DOMAIN/api/v2/clients/YOUR_CLIENT_ID");
var request = new RestRequest(Method.PATCH);
request.AddHeader("content-type", "application/json");
request.AddHeader("authorization", "Bearer MGMT_API_ACCESS_TOKEN");
request.AddHeader("cache-control", "no-cache");
request.AddParameter("application/json", "{ \"grant_types\": \"GRANT_TYPES\" }", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);

to configure this snippet with your account

package main

import (
	"fmt"
	"strings"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "https://YOUR_DOMAIN/api/v2/clients/YOUR_CLIENT_ID"

	payload := strings.NewReader("{ \"grant_types\": \"GRANT_TYPES\" }")

	req, _ := http.NewRequest("PATCH", url, payload)

	req.Header.Add("content-type", "application/json")
	req.Header.Add("authorization", "Bearer MGMT_API_ACCESS_TOKEN")
	req.Header.Add("cache-control", "no-cache")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

to configure this snippet with your account

HttpResponse<String> response = Unirest.patch("https://YOUR_DOMAIN/api/v2/clients/YOUR_CLIENT_ID")
  .header("content-type", "application/json")
  .header("authorization", "Bearer MGMT_API_ACCESS_TOKEN")
  .header("cache-control", "no-cache")
  .body("{ \"grant_types\": \"GRANT_TYPES\" }")
  .asString();

to configure this snippet with your account

var axios = require("axios").default;

var options = {
  method: 'PATCH',
  url: 'https://YOUR_DOMAIN/api/v2/clients/YOUR_CLIENT_ID',
  headers: {
    'content-type': 'application/json',
    authorization: 'Bearer MGMT_API_ACCESS_TOKEN',
    'cache-control': 'no-cache'
  },
  data: {grant_types: 'GRANT_TYPES'}
};

axios.request(options).then(function (response) {
  console.log(response.data);
}).catch(function (error) {
  console.error(error);
});

to configure this snippet with your account

#import <Foundation/Foundation.h>

NSDictionary *headers = @{ @"content-type": @"application/json",
                           @"authorization": @"Bearer MGMT_API_ACCESS_TOKEN",
                           @"cache-control": @"no-cache" };
NSDictionary *parameters = @{ @"grant_types": @"GRANT_TYPES" };

NSData *postData = [NSJSONSerialization dataWithJSONObject:parameters options:0 error:nil];

NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@"https://YOUR_DOMAIN/api/v2/clients/YOUR_CLIENT_ID"]
                                                       cachePolicy:NSURLRequestUseProtocolCachePolicy
                                                   timeoutInterval:10.0];
[request setHTTPMethod:@"PATCH"];
[request setAllHTTPHeaderFields:headers];
[request setHTTPBody:postData];

NSURLSession *session = [NSURLSession sharedSession];
NSURLSessionDataTask *dataTask = [session dataTaskWithRequest:request
                                            completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
                                                if (error) {
                                                    NSLog(@"%@", error);
                                                } else {
                                                    NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse *) response;
                                                    NSLog(@"%@", httpResponse);
                                                }
                                            }];
[dataTask resume];

to configure this snippet with your account

$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://YOUR_DOMAIN/api/v2/clients/YOUR_CLIENT_ID",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "PATCH",
  CURLOPT_POSTFIELDS => "{ \"grant_types\": \"GRANT_TYPES\" }",
  CURLOPT_HTTPHEADER => [
    "authorization: Bearer MGMT_API_ACCESS_TOKEN",
    "cache-control: no-cache",
    "content-type: application/json"
  ],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}

to configure this snippet with your account

import http.client

conn = http.client.HTTPSConnection("")

payload = "{ \"grant_types\": \"GRANT_TYPES\" }"

headers = {
    'content-type': "application/json",
    'authorization': "Bearer MGMT_API_ACCESS_TOKEN",
    'cache-control': "no-cache"
    }

conn.request("PATCH", "/YOUR_DOMAIN/api/v2/clients/YOUR_CLIENT_ID", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

to configure this snippet with your account

require 'uri'
require 'net/http'
require 'openssl'

url = URI("https://YOUR_DOMAIN/api/v2/clients/YOUR_CLIENT_ID")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE

request = Net::HTTP::Patch.new(url)
request["content-type"] = 'application/json'
request["authorization"] = 'Bearer MGMT_API_ACCESS_TOKEN'
request["cache-control"] = 'no-cache'
request.body = "{ \"grant_types\": \"GRANT_TYPES\" }"

response = http.request(request)
puts response.read_body

to configure this snippet with your account

import Foundation

let headers = [
  "content-type": "application/json",
  "authorization": "Bearer MGMT_API_ACCESS_TOKEN",
  "cache-control": "no-cache"
]
let parameters = ["grant_types": "GRANT_TYPES"] as [String : Any]

let postData = JSONSerialization.data(withJSONObject: parameters, options: [])

let request = NSMutableURLRequest(url: NSURL(string: "https://YOUR_DOMAIN/api/v2/clients/YOUR_CLIENT_ID")! as URL,
                                        cachePolicy: .useProtocolCachePolicy,
                                    timeoutInterval: 10.0)
request.httpMethod = "PATCH"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data

let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
  if (error != nil) {
    print(error)
  } else {
    let httpResponse = response as? HTTPURLResponse
    print(httpResponse)
  }
})

dataTask.resume()

Value Description
YOUR_CLIENT_ID Τhe ID of the application to be updated.
MGMT_API_ACCESS_TOKEN Access Tokens for the Management API with the scope update:clients.
GRANT_TYPES The grant types you would like to enable for the specified application.

Troubleshoot

Attempting to use a flow with an application lacking the appropriate grant_types for that flow (or with the field empty) will result in the following error: Grant type `grant_type` not allowed for the client.

Learn more