Migrating Angular 1.x Applications to from Lock v9 to Lock v11
This guide will help you migrating your Angular 1.x application from Lock 9 to Lock v11.
Update the Lock library using npm or yarn.
Once updated, you can add it to your build system or bring it in to your project with a script tag.
If you do not want to use a package manager, you can retrieve Lock from Auth0's CDN.
Add the angular-lock library
Use npm to uninstall the old library and install the new one.
Then include it in your
Update the app.js file
auth0.lockto your Angular module
lockProviderin your configuration
- Initialize a Lock instance in
- Inject your authentication service in
run()and call the method that listens for authentication events (we will implement changes in the authentication service next)
Update the authentication service
If you are using an authentication service, you will need to make a few minor changes there as well. Lock v11 provides events so you can execute functionality when the user is authenticated, when there is an authentication error, and so on. You can read more at the Lock v11 documentation.
Configure your Auth0 application for embedded login
When implementing embedded login, Lock v11 will use cross-origin calls inside hidden iframes to perform authentication. To make sure this can be done securely, Auth0 needs to know the domains where you will be hosting your applications.
Add the domain to the Allowed Web Origins field. You can find this field in the Application Settings area of your Dashboard.
Change calls to getProfile()
getProfile() function was reimplemented in Lock 11. The previous implementation received an ID Token as a parameter and returned the user profile.
The new implementation requires an Access Token parameter instead.
Behavioral Changes in Lock v11
Usage in popup mode
When using popup mode in previous versions of Lock, a new browser window was opened and immediately closed in order to complete the authentication transaction. In Lock 11, that window is opened on a hidden iframe, providing a better user experience.
Lock 11 will never show the Last time you logged in with window when using the Authorization Code Flow (that is, when specifying
response_type='code'). It will always prompt for credentials.
Last time you logged in with window and redirects
The Last time you logged in with window will never do a redirect, even when the
redirect option is set to
true. Lock11 still emits the
authenticated event and you should subscribe to that event to get the authentication result.
If you want to avoid showing the Lock dialog when there's an existing session in the server, you can use Auth0.js's checkSession() function.
Single sign-on using IP ranges
In earlier versions of Lock, you could configure an IP range in an Active Directory/LDAP connection. You could then use that range to allow integrated Windows Authentication if the user's IP was within the range. When this was true, Lock would display a button that users could click and get redirected to the integrated authentication dialog.
This functionality has been removed from embedded login using Lock 11. There is no IP detection, and the user will need to type user and password in Lock. It is still available when using Universal Login.
Lock 11 will default the scope parameter to
'openid profile email'. This is to make the Last time you logged in with window work correctly.
If you are running your website from
http://127.0.0.1 and you do not specify the
openid profile email scope when initializing Lock, you may get the following error in the browser console:
This will not happen when you run your application in production, or if you specify the required scope. You can read more about this scenario in the documentation on skipping consent for first-party applications.