Auth0 badgeAuth0 University

Getting Started with the lock

Getting Started with the lock

  1. Course Catalog
  2. Getting Started with the lock
  3. How to set up a social connection with Auth0

How to set up a social connection with Auth0

In this screencast we'll set up your first social connection. You can see the full list of social connections available for you to use by clicking connections and then social in the navigation menu. To enable a new social connection you'll simply click the toggle button on the provider you want to use. Then, you'll need to configure the connection. After enabling a connection a form will open up prompting you to enter the required configurations. Usually you'll need a client ID and secret which you'll need to get from the social provider. Clicking the how to obtain a client ID link will open a page that provides simple instructions on how to obtain this information for the provider you're setting up.

We'll go ahead and follow the instructions for GitHub as an example, but keep in mind the process for setting up other providers such as Google and Twitter is nearly identical with slight variations on how to set up the application on the provider's side. To start using GitHub as a provider we'll create a new GitHub application, then we'll specify the main URL and the callback URL GitHub should use. Auth0 shows you the callback URL you should use in the instructions. We'll copy that information onto the clipboard and then paste it into the GitHub form. After we've registered our new application, GitHub provides you with a unique client ID and secret which we'll copy and paste into the GitHub configuration form for Auth0.

In the bottom of the form you see an attribute and permission section. Depending on what your application will do, you may need to choose one or more of these options. Basically, checking attributes will result in the chosen attributes being returned as part of the user's profile, and checking permissions will result in new abilities your application can perform with the access token that's returned by the provider.

For example, let's say your application needs the email address of the logged in user and your application will provide the ability to follow other GitHub users, which will be achieved by calling the GitHub API on behalf of the user. In this scenario, you'll need to select two check boxes. Under the attributes section you'll need to check the email address check box, and then other the permissions section you'll need to check the follow check box. Okay, let's save our changes.

Now let's test our GitHub provider, which we can do by clicking the try button. If you've configured the GitHub provider correctly, you'll see the GitHub authorized application page. This is the same page your users will see the first time they use GitHub with your application. As you can see in the review permissions section, GitHub shows the user that your application will be able to access their private emails as well as follow and unfollow other GitHub users. We'll go ahead and click the authorize application button, and if everything is set up correctly we'll get redirected to a page that confirms our connection with GitHub is working. Additionally, we'll see the user's profile information that our application will receive after the user logs in with GitHub. As you can see, the private email address that we requested is included in the profile. Now if we close this window and return to the dashboard, we see that our account has one new sign up and one new user.

Stay tuned for the next screencast where we'll show you how to set up a user and password connection.