Add Login to Your Native/Mobile App

Add Login to Your Native/Mobile App

Everything you need to know to implement login for a native/mobile app

Ready to start building?

Using Auth0 in your applications means that you will be "outsourcing" the authentication process to a centralized login page in the same way that Gmail, YouTube, and any other Google property redirects to accounts.google.com whenever a user signs in.

Your user will authenticate, and Auth0 will generate an ID Token that will be passed back to your application.

How it works

In a native/mobile application, the default experience will open a SafariViewController in iOS or a Custom Chrome Tab in Android.

  1. The user clicks your "login" button or link, and our SDK redirects the user to your Auth0 Authorization Server.
  2. The user authenticates with Auth0 using one of your configured login options (e.g., username/password, social identity provider, SAML).
  3. Your app requests the user's ID Token.
  4. Auth0 responds with the user's ID Token.

For security in native/mobile devices, Auth0 uses the Authorization Code Flow with Proof Key for Code Exchange (PKCE).

Flow Overview for Native/Mobile Apps

Implementation overview

  1. 1

    Configure the sign-in methods

    Auth0 supports a wide range of authentication methods: regular username/password (users can be stored in Auth0 or your own database), social (i.e., Google, Facebook, and 50+ other providers), passwordless (email magic link, email code, and phone code), and enterprise (e.g., SAML-based, ADFS, Ping, Okta).

    Go to the dashboard and turn on the methods you want to allow; they will automatically show up in the login/sign-up page. By default, email/password and Google are enabled.
  2. 2

    Customize the sign-in UI (optional)

    The default experience is demonstrated in the image below and can be completely customized in the dashboard, from changing the logo and primary colors to completely overriding it with your own login screen.

    Default Login Screen for Native/Mobile Apps
  3. 3

    Use the Auth0 SDK to trigger the flow

    The SDK will take care of the details of opening the SafariViewController or Chrome Custom Tab, parsing the response back from Auth0, and validating the ID Token.

    Your app can store the Access Token and a Refresh Token used to renew the Access Token without asking the user to re-enter their credentials. Follow one of our Native/Mobile Quickstarts to get started with the integration.

Alternative: Use Embedded Login

While we strongly recommend that you use our hosted universal login page, if you prefer to embed your own login pages within your native/mobile app, you can implement our login widget (Lock UI) directly into your app with our:

What's next

  • Auth0 offers many ways to personalize your user's login experience and customize tokens using rules and hooks.
  • Most native/mobile apps access APIs to retrieve data, which can also be done using Auth0. Learn how to call your API from your app: Call Your API from Your Native/Mobile App.
  • If you are building your own API and you want to secure the endpoints using Auth0, see Protect Your API.

Ready to start building?