Auth0 Single Page Application SDK

The Auth0 Single Page Application (SPA) SDK is a new JavaScript library designed to secure SPAs with best practices and less code. It implements Universal Login and the Authorization Code Grant Flow with PKCE. The Auth0 SPA SDK handles grant and protocol details, manages token expiration and renewal, and it stores and caches tokens for you.

You can find the source code on Github and the full API documentation here.

If you encounter some problems or errors when using the new JavaScript SDK, please check out the FAQ to see if your issue is covered there.


You have a few options for using auth0-spa-js in your project:

From the CDN:

Using npm:

Using yarn:

Getting Started

Create the client

First, you'll need to create a new instance of Auth0Client client object. Create the Auth0Client instance before rendering or initializing your application. You should only have one instance of the client.

Login and Get User Info

Next, create a button users can click to start logging in.

Listen for click events on the button you created. When the event occurs, use the desired login method to authenticate the user (loginWithPopup() in this example. After the user is authenticated, you can retrieve the user profile with the getUser() method.

Call an API

To call your API, start by getting the user's Access Token. Then use the Access Token in your request. In this example the getTokenSilently method is used to retrieve the Access Token.


Finally, add a button users can click to logout.


jQuery is used in the following examples.

Login with Popup

Login with Redirect

Login with Redirect Callback

Get Access Token with no interaction

Get Access Token with Popup

Get Access Token for a different audience

Get User

Get ID Token Claims

Logout (default)

Logout with no Client ID