Call Other's APIs with Token Vault
Integrations
An integration, or Auth0 Connection, is a relationship between Auth0 and a source of users, such as third-party applications (like Slack or Salesforce) or external Identity Providers (like Google or Microsoft).
These Connections allow users to log in to your application using those identities (such as log in with Google), and share their data from that application to your application. Auth0 standardizes the authentication process from various sources to simplify the integration of different identity providers.
For GenAI applications that utilize Token Vault, Connections are essential. They allow your AI agents to securely access external APIs, such as Google Calendar or Microsoft 365, on behalf of the user. This is achieved by the user granting your application consent to access their data through these Connections.
Within the Auth0 Dashboard, Connections are grouped into two categories: Social Connections allow users to log in to your application using their credentials from popular social media and consumer platforms. This provides a frictionless login experience and can enrich user profiles with additional information.
Enterprise Connections are used to authenticate users against a federated corporate directory or identity provider. This is crucial for B2B applications where users need to log in with their company credentials or use single sign-on (SSO).
Supported Connections
Auth0 provides a large number of Connection types for use with your AI Agents, with more coming soon.View Integrations
Configuring Connections for Token Vault
To enable your GenAI application to call APIs on a user’s behalf, you will need to:1
Obtain client credentials
To enable your application to call APIs on a user’s behalf, you will need to
obtain the Client ID and Client Secret from the Connection you want
to use.
2
Create and configure the Connection
In the Auth0 Dashboard, navigate to Authentication and select the
desired Social or Enterprise Connection type, and configure using
the obtained Client ID and Client Secret.
3
Request the necessary scopes
When configuring the Connection, you need to specify the default scopes
(permissions) your application requires to access the user’s data from the
third-party API.
4
Enable Token Vault on the Connection
Scroll down to the end of the page to the Advanced section and toggle
Enable Token Vault and save the Connection.
5
Enable the Connection for your application
Ensure that the newly configured Connection is enabled for the Auth0
application that represents your GenAI app under Applications >
Applications > [your Auth0 app] > Connections.