From c7d71815c6152bc95e4f5bff6d7e59c8634648dc Mon Sep 17 00:00:00 2001
From: Viet Nguyen <3805254+vnugent@users.noreply.github.com>
Date: Mon, 11 Nov 2024 10:13:14 -0800
Subject: [PATCH] fix: prod tenant requires explicit realm (#1211)

* fix: prod tenant requires explicit realm
* fix[bb]: missing env var
---
 .env                              | 1 +
 src/app/api/mobile/login/route.ts | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/.env b/.env
index bf901343a..aaa47e8e2 100644
--- a/.env
+++ b/.env
@@ -11,6 +11,7 @@ NEXTAUTH_SECRET=vQyFR7gskaqxehN0cI/53r+duWc5Et0ktdoz6KozTCo=
 # Auth0 Management API
 AUTH0_MGMT_CLIENT_ID=Ecyj4oke3Cpk1khRsdKr8njen6ZZKePF
 AUTH0_MGMT_CLIENT_SECRET=send request to hello at openbeta.io
+AUTH0_MGMT_CLIENT_AUDIENCE=https://dev-fmjy7n5n.us.auth0.com/api/v2/
 
 ######### Client-side vars ############
 # Must prefix with NEXT_PUBLIC_in order to expose vars to the browser
diff --git a/src/app/api/mobile/login/route.ts b/src/app/api/mobile/login/route.ts
index 14b408ed6..a161187d1 100644
--- a/src/app/api/mobile/login/route.ts
+++ b/src/app/api/mobile/login/route.ts
@@ -27,7 +27,8 @@ async function postHandler (request: NextRequest): Promise<NextResponse> {
       username,
       password,
       scope: 'openid profile email offline_access',
-      audience: 'https://api.openbeta.io'
+      audience: 'https://api.openbeta.io',
+      realm: 'Username-Password-Authentication'
     })
 
     return NextResponse.json({ data: response.data })