Auth0 Universal Login

Auth0 Universal Login defines your login flow, which is the key feature of an Authorization Server. Whenever a user needs to prove their identity, your applications redirect to Universal Login and then Auth0 will do what is needed to guarantee the user's identity.

When using Universal Login, you don't have to do any integration work to handle different methods of authentication. You can start off using a simple username and password, and then add other features, such as social login and multi-factor authentication (MFA).

Configuring Universal Login is dynamic (and does not require application-level changes) because all functionality is driven by the web pages served by the centralized Authentication Server. Your applications benefit from any improvements Auth0 makes in the login flow without the need for you to change your code.

You can create a consistent, branded login experience by customizing the login page appearance and behavior from the Auth0 Dashboard. For advanced use cases, you can even change the code of each page.

To learn more about the differences between Universal Login and embedded login, read Centralized Universal Login vs. Embedded Login.

Choose login experience

Auth0 supports two Universal Login experiences:

To learn more about the different experiences and how they compare, read New Universal Login vs. Classic Universal Login.

Configure login experience

In the Dashboard, go to Branding > Universal Login > Advanced Options, and select which login experience to use for default, non-customized pages:

Auth0 Branding Universal Login Settings Tab Experience

Customize login page

New Universal Login Experience

If you choose the New Universal Login Experience, you can customize your login page's branding and text prompts within the Dashboard. To learn more, read:

Classic Universal Login Experience

If you choose the Classic Universal Login Experience, you can customize the login page's branding within the Dashboard, and configure advanced customization within the SDK it's built on. To learn more, read:

Implement Universal Login

After you've configured Universal Login on your tenant, you'll need to complete the following to implement it:

  • Register your application with Auth0.

  • Configure your application to call the Auth0 Authentication API Login endpoint to trigger Universal Login and handle the response. You can either do this directly or use one of our SDKs.

  • Create a connection (such as Database, Enterprise, or Social) and enable it for the application.

Go to the login page

You can go to the login page from any browser:

https://{yourDomain}/authorize?
  response_type=code|token&
  client_id={yourClientId}&
  connection={connectionName}&
  redirect_uri={https://yourApp/callback}&
  state={state}

Was this helpful?

/

You must include the following values:

  • response_type (either code or token)

  • client_id

  • redirect_uri

  • state

Additionally, you can include the connection parameter to prompt the user to authenticate on the specified connection.

To learn more about the state value and why it's required, read Prevent Attacks and Redirect Users With OAuth 2.0 State Parameters.

Use the SPA SDK

If you are already using the Auth0 Single-Page App SDK, using the auth0.loginWithRedirect() or auth0.loginWithPopup() methods will bring you to the Authorize endpoint.

<button id="login">Login</button>

$('#login').click(async () => {
      await auth0.loginWithRedirect();
    });

Was this helpful?

/

Use the Quickstart guides

To learn how to set up your application to use Universal Login, read our Quickstarts. Choose the approach that best fits your technologies, and the Quickstarts walk you through the implementation.

Learn more