To use this quickstart, you’ll need to:
- Sign up for a free Auth0 account or log in to Auth0.
- Have a working project that you want to integrate with. Alternatively, you can view or download a sample application after logging in.
To use Auth0 services, you’ll need to have an application set up in the Auth0 Dashboard. The Auth0 application is where you will configure how you want authentication to work for the project you are developing.
Configure an application
Use the interactive selector to create a new Auth0 application or select an existing application that represents the project you want to integrate with. Every application in Auth0 is assigned an alphanumeric, unique client ID that your application code will use to call Auth0 APIs through the SDK.
Any settings you configure using this quickstart will automatically update for your Application in the Dashboard, which is where you can manage your Applications in the future.
If you would rather explore a complete configuration, you can view a sample application instead.
Configure Callback URLs
A callback URL is a URL in your application that you would like Auth0 to redirect users to after they have authenticated. If not set, users will not be returned to your application after they log in.
Configure Logout URLs
A logout URL is a URL in your application that you would like Auth0 to redirect users to after they have logged out. If not set, users will not be able to log out from your application and will receive an error.
Configure Allowed Web Origins
An Allowed Web Origin is a URL that you want to be allowed to access to your authentication flow. This must contain the URL of your project. If not properly set, your project will be unable to silently refresh authentication tokens, so your users will be logged out the next time they visit your application or refresh a page.
Was this helpful?
Create a new instance of the Auth0 client provided by the Auth0 SPA SDK and provide the Auth0 application details you created earlier in this quickstart.
If a user has previously logged in, the client will refresh the authentication state on page load; the user will still be logged in once the page is refreshed.
Now that you have configured your Auth0 Application, added the Auth0 SPA SDK, and created the Auth0 client, you need to set up login for your project. To do this, you will use the SDK’s
loginWithRedirect() method to redirect users to the Auth0 Universal Login page where Auth0 can authenticate them. After a user successfully authenticates, they will be redirected to the callback URL you set up earlier in this quickstart.
Create a login button in your application that calls
loginWithRedirect() when selected.
You should now be able to log in to your application.
Run your application, and select the login button. Verify that:
- you can log in or sign up using a username and password
- your application redirects you to the Auth0 Universal Login page
- you are redirected to Auth0 for authentication
- Auth0 successfully redirects back to your application after authentication
- you do not receive any errors in the console related to Auth0
When the browser is redirected back to your application process, your application should call the
handleRedirectCallback() function on the Auth0 client only when it detects a callback from Auth0. One way to do this is to only call
state query parameters are detected.
If handling the callback was successful, the parameters should be removed from the URL so the callback handler will not be triggered the next time the page loads.
Your callback from Auth0 should now be properly handled.
Run your application, and select the login button again. Verify that:
- Auth0 successfully redirects back to your application after authentication.
- the query parameters are removed from the URL.
Users who log in to your project will also need a way to log out. The Auth0 client provides a
logout() method that you can use to log a user out of your app. When users log out, they will be redirected to your Auth0 logout endpoint, which will then immediately redirect them to your application and the logout URL you set up earlier in this quickstart.
Create a logout button in your application that calls
logout() when selected.
You should now be able to log out of your application.
Run your application, log in, and select the logout button. Verify that:
- you are redirected to Auth0's logout endpoint.
- Auth0 successfully redirects back to your application and the correct logout URL.
- you are no longer logged in to your application.
- you do not receive any errors in the console related to Auth0.
Now that your users can log in and log out, you will likely want to be able to retrieve the profile information associated with authenticated users. For example, you may want to be able to personalize the user interface by displaying a logged-in user’s name or profile picture.
The Auth0 SPA SDK provides user information through the
getUser() function exposed by the Auth0 client. The Auth0 client also exposes an
isAuthenticated() function that allows you to check whether a user is authenticated or not, which you can use to determine whether to show or hide UI elements, for example. Review the code in the interactive panel to see examples of how to use these functions.
You should now be able to view user profile information.
Run your application, and verify that:
- user information displays correctly after you have logged in.
- user information does not display after you have logged out.
Excellent work! If you made it this far, you should now have login, logout, and user profile information running in your application.
This concludes our quickstart tutorial, but there is so much more to explore. To learn more about what you can do with Auth0, check out:
Did it work?
Any suggestion or typo?Edit on GitHub
Sign up for an or to your existing account to integrate directly with your own tenant.