Mitigate CSRF Attacks with State Parameters

Connect your app to Yahoo!

These steps will guide you through how to create an application with Yahoo! and how to add it as a social connection in the Auth0 Dashboard.

Keep reading

1. Add a New Application

To begin, you need a Yahoo user ID. If you don’t have one ( or, you need to create one.

Then, go to Yahoo Developer Apps and click on the Create an App button.

Click the Create an App button

Create an Application Name and select Web Application as the Application Type.

Enter your app data

In the nonceCallback Domain field enter:


Find your Auth0 domain name for redirects

If your Auth0 domain name is not shown above and you are not using our custom domains feature, your domain name is your tenant name, plus For example, if your tenant name were exampleco-enterprises, your Auth0 domain name would be and your redirect URI would be

If you are using custom domains, your redirect URI will have the following format: https://<YOUR CUSTOM DOMAIN>/login/callback.

For the API Permissions make sure to select at least one user data API:

API Permissions

2. Get your Client Key and Client Secret

Once the application is created you will see a Client ID (Consumer Key) and Client Secret (Consumer Secret). Copy these values as you will use them to set up the connection in Auth0.

Get Client ID and Client Secret

3. Set up the Connection in Auth0

In a separate tab or page, go to the Connections > Social section of the Auth0 dashboard.

Click on the Yahoo! connection.

Enter your Client Key and Client Secret from Yahoo! then click SAVE.

Enter your key and secret

Next click on the Applications tab next to Settings and enable which of your applications will be able to use this connection.

Enable Applications

When finished, click SAVE.

4. Test the Connection

On the Connections > Social page of the Auth0 dashboard you should now see a TRY button with the Yahoo! connection.

Try button

Click on this to test the new connection. This should bring up a confirmation page for the connection:

Connection Approval

If accepted, you should be able to see the It Works! confirmation page that your connection has been configured correctly.