Add Login to your Express Application
Auth0 allows you to add authentication to almost any application type quickly. This guide demonstrates how to integrate Auth0, add user login, logout, and profile to a Node.js Express application using the Express OpenID Connect SDK.
To use Auth0 services, you’ll need to have an application set up in the Auth0 Dashboard. The Auth0 application is where you will configure how you want authentication to work for the project you are developing.
Configure an application
Use the interactive selector to create a new Auth0 application or select an existing application that represents the project you want to integrate with. Every application in Auth0 is assigned an alphanumeric, unique client ID that your application code will use to call Auth0 APIs through the SDK.
Any settings you configure using this quickstart will automatically update for your Application in the Dashboard, which is where you can manage your Applications in the future.
If you would rather explore a complete configuration, you can view a sample application instead.
Configure Callback URLs
A callback URL is a URL in your application that you would like Auth0 to redirect users to after they have authenticated. If not set, users will not be returned to your application after they log in.
Configure Logout URLs
A logout URL is a URL in your application that you would like Auth0 to redirect users to after they have logged out. If not set, users will not be able to log out from your application and will receive an error.
Your application will need the express-openid-connect package which is an Auth0-maintained OIDC-compliant SDK for Express.
Install the Express OpenID Connect SDK by running the following commands in your terminal:
cd <your-project-directory>
npm install express-openid-connect
### Configure Router
The Express OpenID Connect library provides the `auth` router in order to attach authentication routes to your application. You will need to configure the router with the following configuration keys:
- `authRequired` - Controls whether authentication is required for all routes
- `auth0Logout` - Uses Auth0 logout feature
- `baseURL` - The URL where the application is served
- `secret` - A long, random string
- `issuerBaseURL` - The Domain as a secure URL found in your <a href="https://manage.auth0.com/#/applications/{yourClientId}/settings" target="_blank" rel="noreferrer">Application settings</a>
- `clientID` - The Client ID found in your <a href="https://manage.auth0.com/#/applications/{yourClientId}/settings" target="_blank" rel="noreferrer">Application settings</a>
For additional configuration options visit the <a href="https://auth0.github.io/express-openid-connect" target="_blank" rel="noreferrer">API documentation</a>.
:::note
You can generate a suitable string for `LONG_RANDOM_STRING` using `openssl rand -hex 32` on the command line.
:::
::::checkpoint
:::checkpoint-default
A user can now log into your application by visiting the `/login` route provided by the library. If you are running your project on `localhost:3000` that link would be <a href="http://localhost:3000/" target="_blank" rel="noreferrer">`http://localhost:3000/`</a>.
:::
:::checkpoint-failure
Sorry about that. You should check the error details on the Auth0 login page to make sure you have entered the callback URL correctly.
Still having issues? Check out our <a href="https://auth0.com/docs" target="_blank" rel="noreferrer">documentation</a> or visit our <a href="https://community.auth0.com" target="_blank" rel="noreferrer">community page</a> to get more help.
:::
::::
## Display User Profile {{{ data-action="code" data-code="server.js#25:28" }}}
<p>To display the user's profile, your application should provide a protected route.</p><p>Add the <code>requiresAuth</code> middleware for routes that require authentication. Any route using this middleware will check for a valid user session and, if one does not exist, it will redirect the user to log in.</p><p><div class="checkpoint">Express - Step 3 - Display User Profile - Checkpoint <div class="checkpoint-default"><p>A user can log out of your application by visiting the <code>/logout</code> route provided by the library. If you are running your project on <code>localhost:3000</code>, that link would be <a href="http://localhost:3000/logout"><code>http://localhost:3000/logout</code></a>.</p></div>
<div class="checkpoint-success"></div>
<div class="checkpoint-failure"><p>Sorry about that. You should check that you configured the logout URL correctly.</p><p>Still having issues? Check out our <a href="https://auth0.com/docs">documentation</a> or visit our <a href="https://community.auth0.com/">community page</a> to get more help.</p></div>
</div></p>Was this helpful?
Next Steps
Excellent work! If you made it this far, you should now have login, logout, and user profile information running in your application.
This concludes our quickstart tutorial, but there is so much more to explore. To learn more about what you can do with Auth0, check out:
- Auth0 Dashboard - Learn how to configure and manage your Auth0 tenant and applications
- express-openid-connect SDK - Explore the SDK used in this tutorial more fully
- Auth0 Marketplace - Discover integrations you can enable to extend Auth0’s functionality
Sign up for an or to your existing account to integrate directly with your own tenant.