This tutorial demonstrates how to use the Auth0 Apache SDK to add authentication and authorization to your web app. We recommend you to Log in to follow this quickstart with examples configured for your account.
This tutorial and seed project have been tested with the following:
- Apache 2.4
Please follow the steps below to configure your application using Apache to work with Auth0 and Open ID Connect.
Using Two Auth0 Tenants
Install and Enable
First, you need to install the
mod_auth_openidc module for Apache.
Once you've installed it, you just need to enable it for Apache (If you are using Windows, you can use this to get
a2enmod working on your system)
Configure the Module with Your Auth0 Account Information
Now you should get a new configuration file under the
/etc/apache2/mods-available folder, where Apache modules are normally installed (On Windows you need to use
In there, you must add the following configuration for the
Configuring Auth0 Settings
In your application settings add a new allowed callback which is equal to
Now, go to OAuth section in advanced settings and change
JsonWebToken Token Signature Algorithm to RS256.
You can configure Apache to protect a certain location based on an attribute of the user. Here is an example:
Then you can write a rule in Auth0 that would return the
Or you could even use an array of folders and the apache module will check if the array contains any of these values