Add a generic OAuth2 Authorization Server to Auth0

The most common identity providers are readily available on Auth0's dashboard. However, you can add any other OAuth2 provider using the Custom Social Connections extension.

The fetchUserProfile script

A custom fetchUserProfile script will be called after the user has logged in with the OAuth2 provider. Auth0 will execute this script to call the OAuth2 provider API and get the user profile:

function(access_token, ctx, callback){
  // call the oauth2 provider and return a profile
  // here we are returning a "mock" profile, you can use this to start with to test the flow.
  var profile = {
    user_id: '123',
    given_name: 'Eugenio',
    family_name: 'Pace',
    email: ''

  callback(null, profile);

The access_token parameter is used for authenticating requests to the provider's API.

We recommend using the field names from the normalized profile.

For example, the following code will retrieve the user profile from the GitHub API:

function(access_token, ctx, callback) {
  request.get('', {
      'headers': {
          'Authorization': 'Bearer ' + access_token,
          'User-Agent': 'Auth0'
    }, function(e,r,b){
    if( e ) return callback(e);
    if( r.statusCode !== 200 ) return callback(new Error('StatusCode:'+r.statusCode));

You can filter, add or remove anything from the profile returned from the provider. However, it is recommended that you keep this script as simple as possible. More sophisticated manipulation of user information can be achieved through the use of Rules. One advantage of using Rules is that they apply to any connection.

Login using the custom connection

You can use any of the Auth0 standard mechanisms (e.g. direct links, Auth0 Lock, auth0.js, etc.) to login a user with the your custom connection.

A direct link would look like:


To add a custom connection in Lock, you can add a custom button by following the instructions at Adding custom connections to lock and using this link as the button href.

Other resources