Name: auth0.js
Owner: Auth0
Description: Auth0 headless browser sdk
Created: 2013-09-26 15:15:07.0
Updated: 2018-01-11 23:01:40.0
Pushed: 2018-01-17 16:02:15.0
Homepage: null
Size: 11072
Language: JavaScript
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
Client Side Javascript toolkit for Auth0 API
Auth0.js v9 uses our latest embedded login API. This version cannot be used inside Auth0-Hosted Login Pages. If you are using a Hosted Login Page, keep using Auth0.js v8.
Need help migrating from v8? Please check our Migration Guide
If you want to read the full API documentation of auth0.js, see here
From CDN
Latest patch release -->
ipt src="https://cdn.auth0.com/js/auth0/9.2.2/auth0.min.js"></script>
From npm
install auth0-js
After installing the auth0-js
module, you'll need bundle it up along with all of its dependencies.
Provides support for all the authentication flows
auth0 = new auth0.WebAuth({
main: "{YOUR_AUTH0_DOMAIN}",
ientID: "{YOUR_AUTH0_CLIENT_ID}"
Parameters:
'example.auth0.com'
or 'example.eu.auth0.com'
.'token'
. It can be any space separated list of the values code
, token
, id_token
. If you don't provide a global responseType
, you will have to provide a responseType
for each method that you use'fragment'
. The parseHash
method can be used to parse authentication responses using fragment response mode. Supported values are query
, fragment
and form_post
. The query
value is only supported when responseType
is code
.false
./authorize
endpoint to start an authentication/authorization transaction.
Auth0 will call back to your application with the results at the specified redirectUri
.0.authorize({
dience: 'https://mystore.com/api/v2',
ope: 'read:order write:order',
sponseType: 'token',
directUri: 'https://example.com/auth/callback'
This method requires that your tokens are signed with RS256. Please check our Migration Guide for more information.
0.parseHash({ hash: window.location.hash }, function(err, authResult) {
(err) {
return console.log(err);
The contents of authResult depend on which authentication parameters were used.
It can include the following:
authResult.accessToken - access token for the API specified by `audience`
authResult.expiresIn - string with the access token's expiration time in seconds
authResult.idToken - ID token JWT containing user profile information
th0.client.userInfo(authResult.accessToken, function(err, user) {
// Now you have the user's information
;
{error: 'login_required'}
.The method accepts any valid OAuth2 parameters that would normally be sent to /authorize
.
Everything happens inside an iframe, so it will not reload your application or redirect away from it.0.checkSession({
dience: 'https://mystore.com/api/v2',
ope: 'read:order write:order'
function (err, authResult) {
// Authentication tokens or error
The contents of authResult
are identical to those returned by parseHash()
.
Important: If you're not using the hosted login page to do social logins, you have to use your own social connection keys. If you use Auth0's dev keys, you'll always get
login_required
as an error when callingcheckSession
.Important: Because there is no redirect in this method,
responseType: 'code'
is not supported and will throw an error.
Remember to add the URL where the authorization request originates from, to the Allowed Web Origins list of your Auth0 client in the Dashboard under your client's Settings.
/oauth/token
. This will not initialize a SSO session at Auth0, hence can not be used along with silent authentication.0.client.login({
alm: 'Username-Password-Authentication', //connection name or HRD domain
ername: 'info@auth0.com',
ssword: 'areallystrongpassword',
dience: 'https://mystore.com/api/v2',
ope: 'read:order write:order',
function(err, authResult) {
// Auth tokens in the result or an error
The contents of authResult
are identical to those returned by parseHash()
.
Provides an API client for the Auth0 Authentication API.
auth0 = new auth0.Authentication({
main: "{YOUR_AUTH0_DOMAIN}",
ientID: "{YOUR_AUTH0_CLIENT_ID}"
/authorize
url in order to initialize a new authN/authZ transaction. https://auth0.com/docs/api/authentication#database-ad-ldap-passive-oauth/token
endpoint with password
grant type. https://auth0.com/docs/api-auth/grant/passwordoauth/token
endpoint with https://auth0.com/oauth/grant-type/password-realm
grant type.oauth/token
endpoint./userinfo
endpoint and returns the user profile.Provides an API Client for the Auth0 Management API (only methods meant to be used from the client with the user token).
auth0 = new auth0.Management({
main: "{YOUR_AUTH0_DOMAIN}",
ken: "{YOUR_AUTH0_API_TOKEN}"
For a complete reference and examples please check our docs and our Migration Guide if you need help to migrate from v7
Run npm start
and point your browser to https://localhost:3000/example
to run the example page.
Run npm run test
to run the test suite.
Run npm run test:watch
to run the test suite while you work.
Run npm run test:coverage
to run the test suite with coverage report.
Run npm run lint
to run the linter and check code styles.
If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
For auth0 related questions/support please use the Support Center.
This project is licensed under the MIT license. See the LICENSE file for more info.