Architecture Scenarios

This page describes the typical architecture scenarios we have identified when working with customers on implementing Auth0. We have also included implementation checklists that you can use to plan your implementation.

These scenarios describe the different type of technology architectures your application may use, and how Auth0 can help for each of those. Each scenario comes with:

• A sample business case
• The goals and requirements that the implementation must meet
• Detailed explanations of the architectural solutions
• A sample implementation

The goal of these scenarios is to walk you through the implementation process from beginning to end.

• Single Sign-On for Regular Web Apps

  Traditional web application which needs to authenticate users using OpenID Connect.

• Server Application + API

  Server to server communication where a server needs to make secure calls to an API.

• SPA + API

  Single-Page Web Application which talks to an API. The application will use OpenID Connect with the Implicit Grant Flow to authenticate users with Auth0.

• Mobile + API

  Mobile Application which talks to an API. The application will use OpenID Connect with the Authorization Code Grant using Proof Key for Code Exchange (PKCE) to authenticate users.

• Business to Business Identity Scenarios

  SaaS applications with users associated with third-party companies registered as tenants of the SaaS app.

• Business to Consumer Identity Scenarios

  SaaS/eCommerce apps with customers as end users using the OpenID Connect protocol.

• Business to Employees Identity Scenarios

  Enterprise directory services using federation to allow employees to log in to applications using their existing enterprise credentials.