ASP Classic

System Requirements

This tutorial and seed project have been tested with the following:

  • Microsoft Internet Information Services (IIS)

Please follow the steps below to configure your existing ASP.Net Classic WebApp to use it with Auth0.

Showing the Login Widget

First, we need to create the default.asp which will show the Login Widget from Auth0.

<%@ Language="VBScript" %>
<% Option Explicit %>
<!doctype html>
<html lang="en">
    <meta charset="UTF-8">
    <title>Testing Auth0 with Classic ASP</title>
  <script src=""></script>
  <script type="text/javascript">
    var lock = new Auth0Lock('YOUR_CLIENT_ID', 'YOUR_NAMESPACE', {
      auth: {
        redirectUrl: 'https://YOUR_APP/callback'

    function signin() {;
  <button onclick="signin()">Login</button>

After logging in with any provider, Auth0 will redirect the user to /callback.asp.

Processing the Callback Response

For parsing JSON response, we'll download json2.js and put it in project directory.

We need to add the handler for the Auth0 callback so that we can authenticate the user and get his information. For that, we'll create the callback.asp file.

It will implement the basic OAuth 2 flow:

  1. Exchanges the code for an access_token
  2. Calls the Userinfo endpoint to get the current logged in user profile using the access_token as credentials.
<%@ Language="VBScript" %>

<script language="JScript" runat="server" src='json2.js'></script>

REDIRECT_URI = "https://YOUR_APP/callback"

AUTHORIZATION_CODE = Request.querystring( "code" )


set profile = GetUserProfile( access_token )

'Here, you should save the profile in the session or somewhere'

Response.Write "UserID = " & profile.user_id

Function GetUserProfile(access_token)

  Set http = Server.CreateObject("MSXML2.ServerXMLHTTP") "GET", "https://YOUR_NAMESPACE/userinfo?access_token=" & access_token, False


  profile = http.responseText

  Set GetUserProfile = JSON.parse(profile)

  Set http = Nothing

End Function

Function GetAccessToken(client_id, client_secret, redirect_uri, authorization_code)

  Set http = Server.CreateObject("MSXML2.ServerXMLHTTP") "POST", "https://YOUR_NAMESPACE/oauth/token", False

  http.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"

  http.send "client_id=" & client_id & "&client_secret=" & client_secret & "&redirect_uri=" & server.UrlEncode(redirect_uri) & "&code=" & authorization_code & "&grant_type=authorization_code"

  result = http.responseText

  Set http = Nothing

  set jsonResult = JSON.parse(result)

  GetAccessToken = jsonresult.access_token

End Function

Try Auth0 for FREECreate free Account