I want to integrate with my app15 minutes
I want to explore a sample app2 minutes
Get a sample configured with your account settings or check it out on Github.
Get Your Application Keys
When you signed up for Auth0, a new application was created for you, or you could have created a new one.
You will need some details about that application to communicate with Auth0. You can get these details from the Application Settings section in the Auth0 dashboard.
You need the following information:
- Client ID
Configure Callback URLs
A callback URL is a URL in your application where Auth0 redirects the user after they have authenticated.
You need to whitelist the callback URL for your app in the Allowed Callback URLs field in your Application Settings. If you do not set any callback URL, your users will see a mismatch error when they log in.
Integrate Auth0 in your Application
You need the auth0.js library to integrate Auth0 into your application. You can either install the library locally in your application or load it from CDN.
Loading via dependencies
Install auth0.js using npm or yarn.
Once you install auth0.js, add it to your build system or bring it in to your project with a script tag.
Loading it from CDN
If you do not want to use a package manager, you can retrieve auth0.js from Auth0's CDN.
Authentication with Auth0
When a user logs in, Auth0 returns three items:
access_token: to learn more, see the Access Token documentation
id_token: to learn more, see the ID Token documentation
expires_in: the number of seconds before the Access Token expires
You can use these items in your application to set up and manage authentication.
Create an Authentication Service
Add a new file called
app.js. In the file, you can create and manage an instance of the
auth0.WebAuth object. In that instance, you can define the following:
- Configuration for your application and domain
- Response type, to show that you need a user's Access Token and an ID Token after authentication
- Audience and scope, specifying that you need an
access_tokenthat can be used to invoke the /userinfo endpoint.
- The URL where you want to redirect your users after authentication.
You can also use it to hold logic for hiding and displaying DOM elements.
Handle Authentication Tokens
Add more functions to the
app.js file to handle authentication in the app.
The example below shows the following functions:
handleAuthentication: looks for the result of authentication in the URL hash and processes it with the
parseHashmethod from auth0.js.
renewTokens: performs silent authentication to renew the session.
localLogin: sets the user's Access Token, ID Token, and the Access Token's expiry time.
logout: removes the user's tokens and expiry time from browser memory.
isAuthenticated: checks whether the expiry time for the user's Access Token has passed.
Provide a Login Control
Provide a template with controls for the user to log in and out.
Depending on whether the user is authenticated or not, they see the Log In or Log Out button. The
click event listeners on the buttons make calls to functions in the
app.js file to let the user log in or out. When the user clicks Log In, they are redirected to the login page.
Process the Authentication Result
When a user authenticates at the login page, they are redirected to your application. Their URL contains a hash fragment with their authentication information. The
handleAuthentication method in the
app.js file processes the hash.
handleAuthentication method in the
app.js file. The method processes the authentication hash while your app loads.