Login with Auth0
There are two methods by which web applications can use Auth0 for authentication of their users. The recommended method is via Universal Login. It is the safest and easiest to implement. If, for some reason, Universal Login does not work for your use case, Embedded Login is also an option.
Universal Login is Auth0's implementation of the login flow, which is the key feature of an Authorization Server. Each time a user needs to prove their identity, your applications redirect to Universal Login and Auth0 will do what is needed to guarantee the user's identity.
By choosing Universal Login, you don't have to do any integration work to handle the various flavors of authentication. You can start off using a simple username and password. With a simple toggle switch, you can add new features such as social login and multi-factor authentication (MFA). All of this is dynamic, and adjustable in real-time without requiring application-level changes, since all functionality is driven dynamically by the web pages served by the centralized Authentication Server. Your application will benefit from all improvements Auth0 does in the login flow without you changing a single line of code.
The login page appearance and behavior is customizable right from the Dashboard. The logo and colors of the login pages can be changed, and in more advanced use cases, the code of each page itself can be modified.
For information on the differences between Universal Login and traditional embedded login within your application, see our comparison guide.
Choosing an experience
In the Dashboard, the dialog shown below lets you select which Experience will be used for default, non-customized pages:
Choose an experience to learn more about:
The settings available here are:
- Primary Color
- Background Color
These settings, once changed, will take effect on all your Universal Login pages if you have not enabled customization of the pages' code. The settings will also work if you have enabled customization but are using the predefined templates and have not changed those options in the code.
If you select the New Universal Login Experience, you can also configure the favicon URL and a custom font URL using the Branding API.
Implementing Universal Login
In addition to configuring Universal Login for your tenant's applications, you will also need to complete a few other steps:
- Set up a connection(s) in the Dashboard (Choose Connections in the Dashboard's sidebar, then choose a type and pick one to configure, such as a database or a social login provider).
- Set up your application in the Dashboard.
- Configure your application's code to call Auth0's
/authorizeendpoint in order to trigger Universal Login, and then to deal with the response. You can either do this directly, or use one of our SDKs to make the process easier.
For step by step instructions on setting up your application to use Universal Login, check out our Quickstart guides.
Embedded Login is the scenario in which users login directly in your application, and credentials are transmitted to the Auth0 server. There are security concerns with this approach, particularly if you do not use the Custom Domains feature at Auth0, as this potentially opens your application up to cross-origin authentication issues. If you need to implement embedded login, you need to have a custom domain set up, so that this can be mitigated. You can then use one of our libraries (Such as the Lock Widget or auth0.js SDK) to implement login in your application, or do it via our API.