Questions tagged [auth0]

For questions relating to the integration with Auth0 services and/or SDK's. Auth0 is a cloud or on-premises authentication and authorization service provider that lets you easily and quickly connect your apps, choose identity providers, add users, set up rules, customize your login page and access analytics from within your Auth0 dashboard.

Auth0 is a platform for modern identity. It provides tools that simplifies the authentication for your applications and APIs using industry standards such as SAML, OpenID Connect, JSON Web Token, OAuth 2.0, OAuth 1.0a, WS-Federation and OpenID, preventing any type of vendor lock-in.

It supports multiple types of authentication across any application platform:

Social - authenticate users with social providers (Facebook, Twitter, etc).
Enterprise - authenticate users with Active Directory, LDAP and SAML, among others.
Database - authenticate users with traditional username and password credentials stored on an Auth0 hosted database or your own existing database.
Passwordless - authenticate users by email and/or SMS without requiring them to remember yet another set of credentials.

The authentication pipeline can be customized by implementing your own rules, in plain Javascript, that will be executed every time a user authenticates to an application.

Useful links

3108 questions

361

votes

4 answers

RS256 vs HS256: What's the difference?

I'm using Auth0 to handle authentication in my web app. I'm using ASP.NET Core v1.0.0 and Angular 2 rc5 and I don't know much about authentication/security in general. In the Auth0 docs for ASP.NET Core Web Api, there are two choices for the JWT…

asked Aug 31 '16 at 00:37

Rico Kahler

17,616
11
59
85

133

votes

5 answers

OAuth 2.0 vs Auth0

What is the difference between OAuth 2.0 and Auth0? Which one should I use to develop the authentication system?

oauth-2.0 auth0

asked Oct 17 '17 at 04:55

youi

1,887
5
20
31

votes

2 answers

CSRF protection with JSON Web Tokens

I read that when using JWT, there is no need to protect against CSRF attacks, for instance: "since you are not relying on cookies, you don't need to protect against cross site requests". However, something I do not understand: if I store the token…

local-storage csrf jwt auth0

asked Feb 09 '16 at 12:01

JulienD

7,102
9
50
84

votes

1 answer

Laravel Passport vs JWT vs Oauth2 vs Auth0

Confusion about API auth types in Laravel? I'm currently learning how to create an API in Laravel and I found myself into this confusing concepts. After a few days of research and practice, I could finally understand enough this concepts to make a…

laravel oauth-2.0 jwt auth0 laravel-passport

asked Dec 11 '17 at 03:03

ibitebyt3s

2,992
2
15
25

votes

1 answer

What is the difference between Firebase auth and Auth0 authentication

How does http://auth0.com's authentication features compare to Firebase's authentication? Does Auth0.com, on the Free or Silver plan, provide any authentication features that Firebase does not provide?

firebase-authentication auth0

asked Jan 16 '16 at 13:39

Basem

votes

5 answers

Header in the response must not be the wildcard '*' when the request's credentials mode is 'include'

I'm using Auth0 for my user authentication to only allow logged in users to access a Spring (Boot) RestController. At this point I'm creating a real-time message functionality where users can send messages from the Angular 2 client (localhost:4200)…

java spring angular auth0 sockjs

asked Mar 30 '17 at 10:09

Sam

1,303
3
23
41

votes

2 answers

What is the difference between id_token and access_token in Auth0

In Auth0 you can use refresh tokens. In this link, we can see many returned parameters: lock.showSignin({ authParams: { scope: 'openid offline_access' } }, function (err, profile, id_token, access_token, state, refresh_token) { // store…

javascript oauth openid jwt auth0

asked Jul 18 '15 at 20:00

Scott Coates

2,462
5
31
40

votes

2 answers

Auth0: Create user in local database after Auth0 sign up

I am using Auth0 to host all my user data. I also have my own backend, and I wish to have a Users table in it, which will map my db's generated userId to Auth0's user_id. I am hesitating between two flows on sign-up: Sign-up flow 1: Frontend shows…

auth0

asked Aug 10 '18 at 23:55

jeanpaul62

9,451
13
54
94

votes

4 answers

How to login in Auth0 in an E2E test with Cypress?

I have started testing a react webapp but I didn't go far because I had issues with the login. I am using cypress e2e testing tool. A welcome page is shown with a button to login, which will redirect you to auth0 service. User is login with email…

authentication mocking cypress auth0 e2e-testing

asked Jul 06 '18 at 11:03

Mikel

5,902
5
34
49

votes

3 answers

IdentityServer4 vs Auth0

We want to build a central authority to do authentication and authorization for our various applications (.net). We see IdentityServer4 is open source and free, while Auth0 cost money. Does anyone use both of these? Can anyone provide suggestion…

identityserver4 auth0

asked Nov 01 '17 at 15:48

martial

3,773
8
33
43

votes

4 answers

how to generate AndroidManifest.xml from a react-native app created with react-native init

I used react-native init to create my react application. I'm trying to tie in auth0 and auth0 documentation is saying I need something from the androidManafest.xml. The problem is that the react-native init didn't create…

android reactjs native auth0

asked Jul 12 '17 at 14:49

Jodi Parker

votes

6 answers

access token from auth0provider outside of react components

I'm using the auth0 token provided by the user on login to make api calls via useAuth0.getTokenSilently. In this example, fetchTodoList, addTodoItem, and updateTodoItem all require a token for authorization. I'd like to be able to extract these…

reactjs typescript axios auth0

asked May 18 '20 at 13:12

ItsGeorge

2,060
3
17
33

votes

7 answers

Auth0 callback URL mismatch

I am doing LinkedIn authentication with auth0 in a react app. I have set localhost:3000/upload in callback urls in settings, hopping that after users login at localhost:3000/login, they would be redirected to localhost:3000/upload. However, I always…

authentication reactjs auth0 social-authentication

asked Jul 24 '16 at 21:03

shangsunset

1,585
4
22
38

votes

3 answers

TypeError, 'digest' of undefined, in development environment

When we're building our Angular SPA for localhost it works perfectly. On our dev environment, this error creeps into the DevTool console and breaks everything: ERROR Error: Uncaught (in promise): TypeError: Cannot read property 'digest' of…

auth0

asked Jul 22 '19 at 12:56

PeaceDealer

votes

2 answers

Auth0 impersonation deprecated.. What should I use instead?

On our website, administrators should be able to view the website as the user (client). I planned on using Auth0 for this, and just noticed their impersonation feature is deprecated. I could force some login flag in Redux to allow the admin to view…

reactjs api access-token auth0 impersonation

asked Oct 05 '18 at 17:30

Greg Miller

1,064
13
22

2 3

…

99 100 Next