Rules Best Practices

Rules can be used in a variety of situations as part of the authentication pipeline where protocol-specific artifacts are generated:

  • an ID Token in OpenID Connect (OIDC)

  • an Access Token in OAuth 2.0

  • an assertion in SAML

A new pipeline in which rules execute is created for each authentication request.

Auth0 provides a number of pre-existing rules and rule templates to help you achieve your goal(s). To see a list, visit our rules repository on GitHub.

You may also want to build your own Rule(s) to support your specific functionality requirements. You can modify a pre-existing rule template or choose to start from scratch using one of our samples. Either way, there are a number of best practices that you’ll want to adopt to ensure that you achieve the best possible outcome.

Learn more