Adding a generic OAuth1 Authorization Server to Auth0
To create an arbitrary OAuth1 connection, you use Auth0's Connections API.
This example would create a custom Twitter connection:
The key parameters for a connection are:
- name: this is how the connection can be referenced later on in Auth0 or in your app.
- strategy: this must be oauth1. It defines the protocol implemented by the provider.
The options object:
- client_id and client_secret must be obtained from your provider.
- fetchUserProfile: Auth0 allows you to define a custom script that returns a JSON object with user info. What you do in the script is up to you. For convenience, the OAuth module is included to simplify OAuth1 calls.
The script will have the following signature:
tokenSecret parameters will often be used for authenticating requests to the provider's API.
Notice that you can manipulate the profile returned from the provider to filter/remove/add anything in it. However, we recommend you keep this script as simple as possible. More sophisticated manipulation of the user information can be achieved through Rules.
Using your new connection
You can use any of the Auth0 standard mechanisms to login a user with the new connection (such as direct links, Auth0 Lock, auth0.js, and so on).
A direct link would look like: