Today I write this entry after a few late nights of personal research. I am building an app and an important part of it will be to integrate it to other services using Zapier . To do that, I need to make a REST-ful API layer with no login form, but instead to have an authorize routine which can take the user's credentials and to pass back an Access Token . Up until now, other services I have helped establish have either used the Universal Login method, or simply with my own custom Javascript wrapper using the SDK . Neither of these solutions is going to fit my need. I did understand that from all of the available methods it had to offer, OAuth was going to fit it in some way, but I did not quite understand how I would evade having to use a login UI element. I've now had more of a solid read over the Auth0 Authentication API documentation, and on the subject of Get Token , there are number of different types of login flows, the main key/value that determines one flow to