Skip to main content

Documentation Index

Fetch the complete documentation index at: https://auth0.com/llms.txt

Use this file to discover all available pages before exploring further.

Community maintained This tutorial demonstrates how to use the Auth0 Apache SDK to add authentication and authorization to your web app.We recommend that you log in to follow this quickstart with examples configured for your account.

System Requirements

This tutorial and seed project have been tested with the following:
  • Apache 2.4
Please follow the steps below to configure your application using Apache to work with Auth0 and Open ID Connect.

Install and Enable mod_auth_openidc Module

First, you need to install the mod_auth_openidc module for Apache. You can get the binaries from Github and install them for your OS. If your OS isn’t compatible with any of the binaries, you can still build it from source Once you’ve installed it, you just need to enable it for Apache (If you are using Windows, you can use this to get a2enmod working on your system) 
a2enmod auth_openidc

Configure the Module with Your Auth0 Account Information

Now you should get a new configuration file under the /etc/apache2/mods-available folder, where Apache modules are normally installed (On Windows you need to use /apache/conf/httpd.conf file). In there, you must add the following configuration for the mod_auth_openidc module

Configuring Auth0 Settings

In your application settings add a new allowed callback which is equal to OIDCRedirectURI. Now, go to OAuth section in advanced settings and change JsonWebToken Token Signature Algorithm to RS256.

Authorization

You can configure Apache to protect a certain location based on an attribute of the user. Here is an example: 
# mods-available/auth_openidc.conf

<Location /example>
   AuthType openid-connect
   #Require valid-user
   Require claim folder:example
</Location>

<Location /example2>
   AuthType openid-connect
   #Require valid-user
   Require claim folder:example2
</Location>
Then you can write a rule in Auth0 that would return the folder attribute: 
function(user, context, callback) {
    if (somecondition()) {
       user.folder = 'example2';
    }

   user.folder = 'example';
}
Or you could even use an array of folders and the apache module will check if the array contains any of these values 
function(user, context, callback) {
    user.folders = [];
    if (somecondition()) {
       user.folders.push('example2');
    }

   user.folders.push('example');
}
Edit on GitHub