Customize Auth0 platform with Node.js using Auth0 Hooks, a new extensibility mechanism powered by Webtasks.
Auth0 Hooks are a new extensibility mechanism in Auth0 that allows you to customize the behavior of our platform using Node.js.
Developers love code and extensibility
Customization flexibility has always been an integral part of the Auth0 platform. Until now, you could use Auth0 Rules to execute arbitrary Node.js code during an authorization transaction. Today, we are introducing Auth0 Hooks, a new and improved mechanism to extend the Auth0 platform using code.
Better developer experience
While Auth0 Hooks are building on the same underlying Webtask technology we have developed to run Auth0 Rules, several aspects of the developer experience are improved:
- Using the management dashboard you can create, move in and out of production, and edit hooks for selected extensibility points in the Auth0 platform.
- You edit hooks in the Webtask Editor, which offers a much richer featureset compared to the experience you are used to with Auth0 rules.
- Syntax completion allows you write the code faster without referring to documentation.
- Integrated secret management improves the security of your code by providing a mechanism to securely store secrets while making them conveniently available in code.
- Integrated runner allows you to test your code without leaving the webtask editor.
- Real-time logs simplify debugging by streaming the output generated by your code.
- GitHub integration allows you synchronize your hook with code stored in a github repository. Updating your hook is as simple as pushing to GitHub.
- Using the Auth0 CLI you can scaffold, create, activate, and deactive hooks from the command line.
What can you do today
The initial release of Auth0 Hooks supports customizing the behavior of Auth0 at three new extensibility points:
- Client Credentials Exchange allows you to change the scopes and add custom claims to issued access tokens.
- Pre User Registration allows you to intercept creation of a new database user to enforce custom password policy, or employ application specific logic to prevent the signup.
- Post User Registration allows you to perform any actions as a result of a succcessful creation of a new database user, e.g. send a message to Slack, or create a record in your CRM system.
This is just the beginning. We are going to be adding many more extensibility points in the Auth0 platform using the Auth0 Hooks mechanism in the future.
Auth0 Hooks vs Auth0 Rules
Introduction of Auth0 Hooks does not affect any existing Auth0 Rules. Your rules continue to work unchanged.
Auth0 Hooks provide a foundation for a new extensibility mechanism in Auth0. All future extensibility points in the platform will build on top of Auth0 Hooks. We are also planning to add support in Auth0 Hooks for the same things you use Auth0 Rules for today.
Differences with Auth0 Rules
If you have been using Auth0 Rules before, these are some of the key differences in the development experience when moving on to Auth0 Hooks:
- In Auth0 Rules, you are editing code on the Auth0 management dashboard. When using Auth0 Hooks, you edit code in the Webtask Editor.
- When using Auth0 Rules, you are specifying rule configuration common to all rules on the Auth0 management dashboard. Auth0 Hooks allow you to specify secret configuration directly in the Webtask Editor, and separately for each hook.
- When developing Auth0 Rules, you can dry run a rule from within the Auth0 management dashboard. Auth0 Hooks can be tested from within the Webtask Editor using the integrated runner and access to real-time logs.
- There is no command line tool to manipulate Auth0 Rules. Auth0 Hooks come with the Auth0 CLI tool, and can also be manipulated using the lower level Webtask CLI tool.
- Auth0 management HTTP APIs offer a way to manipulate Auth0 Rules using any HTTP client. Auth0 Hooks are managed using Webtask management APIs.
Aside: Auth0 Extend
Give your customers enterprise identity integration, frictionless SSO across your products and adaptive authentication with MFA and Anomaly Detection. All of this with a flip of a switch.