auth0

What is auth0?

The auth0 npm package provides a comprehensive solution for implementing authentication and authorization in web applications. It offers a variety of features including user login, signup, password reset, and social login integrations. Auth0 simplifies the process of securing applications by providing a robust and scalable authentication service.

What are auth0's main functionalities?

User Login

This feature allows users to log in using their username and password. The code sample demonstrates how to use the password grant type to authenticate a user.

const auth0 = require('auth0');
const auth0Client = new auth0.AuthenticationClient({
  domain: 'YOUR_DOMAIN',
  clientId: 'YOUR_CLIENT_ID'
});

auth0Client.oauth.passwordGrant({
  username: 'user@example.com',
  password: 'password'
}, function(err, response) {
  if (err) {
    console.error(err);
  } else {
    console.log(response);
  }
});

User Signup

This feature allows new users to sign up for an account. The code sample demonstrates how to create a new user using the ManagementClient.

const auth0 = require('auth0');
const auth0Client = new auth0.ManagementClient({
  domain: 'YOUR_DOMAIN',
  clientId: 'YOUR_CLIENT_ID',
  clientSecret: 'YOUR_CLIENT_SECRET'
});

const data = {
  email: 'newuser@example.com',
  password: 'password',
  connection: 'Username-Password-Authentication'
};

auth0Client.createUser(data, function(err, user) {
  if (err) {
    console.error(err);
  } else {
    console.log(user);
  }
});

Password Reset

This feature allows users to reset their password. The code sample demonstrates how to request a password reset email.

const auth0 = require('auth0');
const auth0Client = new auth0.AuthenticationClient({
  domain: 'YOUR_DOMAIN',
  clientId: 'YOUR_CLIENT_ID'
});

auth0Client.requestChangePasswordEmail({
  email: 'user@example.com',
  connection: 'Username-Password-Authentication'
}, function(err, response) {
  if (err) {
    console.error(err);
  } else {
    console.log(response);
  }
});

Social Login

This feature allows users to log in using their social media accounts. The code sample demonstrates how to initiate a login with Google using the WebAuth client.

const auth0 = require('auth0');
const auth0Client = new auth0.WebAuth({
  domain: 'YOUR_DOMAIN',
  clientID: 'YOUR_CLIENT_ID'
});

auth0Client.authorize({
  connection: 'google-oauth2'
});

Other packages similar to auth0

passport

Passport is a popular authentication middleware for Node.js. It is highly flexible and modular, allowing developers to choose from a wide range of authentication strategies. Unlike Auth0, Passport requires more configuration and setup, but it offers greater control over the authentication process.

firebase

Firebase Authentication provides backend services for easy use of authentication in web and mobile apps. It supports email/password authentication, social login providers, and anonymous login. Firebase is a part of the Google Cloud Platform and offers a more integrated solution for apps already using other Firebase services.

okta

Okta is an enterprise-grade identity management service that provides secure authentication and authorization. It offers similar features to Auth0, including user management, social login, and multi-factor authentication. Okta is known for its robust security features and is often used in enterprise environments.

README

Node.js client library for the Auth0 platform.

Installation

npm install auth0

Usage

Initialize your client class with the credentials in the settings section of the dashboard.

var Auth0 = require('auth0');

var api = new Auth0({
  domain:       'yourdomain.auth0.com',
  clientID:     'your-client-id',
  clientSecret: 'your-client-secret'
});

api.getConnections(callback)

Return a list of all the connections in your application:

api.getConnections(function (err, connections){
  //.....
});

Additionally there is a getSocialConnections and getEnterpriseConnections.

api.createConnection(callback)

Let's say one of your customers wants to use its own directory to authenticate to your app. You will have to create a connection in Auth0 for this customer and if you want to automate that for N customers, you will want to use the API. Typically, you will ask the customer domain name and depending on the directory you are connecting to, some metadata. Together with other information, like the attributes your app needs, a set of credentials, etc. you can call the API.

var myNewConnection =  {
    //a friendly name to identify the connection
    'name': 'thesuperstore-connection',

    //this is the strategy: office365, google-apps, adfs
    'strategy': 'office365', 
    
    'options': {
      // depending on the strategy, you will need a set of credentials to authenticate 
      // your app against the directory (office365 and google apps use this)
      'tenant_domain': 'bigcompany.com or bicompany.onmicrosoft.com'
    };

api.createConnection(myNewConnection, function (err, connection) {
  //.....
});

Because this example uses Office 365, the returned connection object will have a provisioning_ticket_url field to which you have to redirect the client in order to complete the authorization process.

api.getUser(userId, callback)

This method returns a single user, referenced by its ID.

api.getUser("long-20-byte-id", function(err, user) {
  // user is a user! error might be an error!
});

api.getUserBySearch(searchCriteria, callback)

This method returns an array of users and their full user objects, including metadata. Metadata cannot be searched on as of time of writing (2/26/15).

api.getUserBySearch('email: "someuseremail@gmail.com"', function(err, users) {
  // returns an array of user objects if there is no error
});

api.getUsers({[connection: connection], [per_page: 10]}, callback)

This method returns a list of users.

If connection name is passed on the options, it will search the users on the directory of the connection. Suppose it is a Windows Azure Active Directory connection it will fetch all the users from the directory. If the connection doesn't have a directory or it is a Social connection like Google Auth 2 it will return all the users that have logged in to your application at least once.

The amount of items per page is optional (defaults to 100) and it is not supported for all directories, eg: connections using Google Apps ignores this argument and uses 100.

api.getUsers({connection: 'a-waad-connection'}, function (err, result) {
  //result is an array with the user objects
});

The callback has the common signature for node.js method [err, result] where result is an array of users with an special hidden property called nextPageLink. These links are safe to be shared since they will work for a short period of time and have an special signature that make them safe.

Although you can do a simple GET to that link to fetch the next page, you can use the library as well:

api.getUsers({connection: 'a-waad-connection'}, function (err, firstPageOfResults) {
  api.getUsers({page: firstPageOfResults.nextPageLink}, function (err, secondPageOfResults) {
  });
});

api.getSocialUsers({[per_page: 10]}, callback)

The same than getUsers but this method returns users for all social connections, ie: not enterprise connections.

api.impersonateUser(userId, options, callback)

Returns the impersonation link:

api.impersonateUser('github|123', {
  protocol: 'oauth2',
  impersonator_id: 'gonto',
  client_id: 'client',
  additionalParameters: {
    response_type: 'code'
  }
}, function (err, result){
  //.....
});

Check it on the API Explorer;

api.getAccessToken(callback)

Retrieves an Access Token to make direct HTTP calls to Auth0 API.

api.getAccessToken(function (err, token) {
  if (err) {
    console.log('Error fetching token: ' + err);
    return;
  }

  // Do something with token
  ...
});

api.createUser(userData, callback)

Creates a new user. userData is an object that must contain the following mandatory fields:

• email: User's email
• password: User's password
• connection: The name of the connection where to create the user.

Also, custom fields can be added with more information about the user.

var newUser = {
  email:          'john@doe.com',
  password:       'somepass',
  connection:     'mydb',

  /* custom field */
  favoriteColor:  'red'
};
api.createUser(newUser, function (err, userInfo) {
  if (err) {
    console.log('Error creating user: ' + err);
    return;
  }

  console.log('User favorite color: ' + userInfo.favoriteColor);
});

api.updateUserEmail(userId, newEmail, verify, callback)

This method updates the email field of an user identified by userId. When verify boolean flag is on it sends an email to the affected user to confirm the change.

api.updateUserEmail("my-user-id", "john.new.email@foo.com", false, function (err, result) {
  if (err) {
    console.log('Error updating email: ', + err);
    return;
  }
  console.log(result);
});

api.updateUserPassword(userId, newPassword, verify, callback)

This method updates the user password of an user identified by userId. When verify boolean flag is on it sends an email to the affected user to confirm the change.

api.updateUserPassword("my-user-id", "johnthisisyournewpassword!shhh", false, function (err, result) {
  if (err) {
    console.log('Error updating password: ', + err);
    return;
  }
  console.log(result);
});

Note: Result is not the password but a string with a success message.

api.getUserMetadata(userId, callback)

This method retrieves the metadata for a user. metadata is an object that includes custom fields for the user referenced by userId.

api.getUserMetadata("a-user-id", function(err, metadata) {
  // returns error if there was a problem, otherwise the user's metadata
});

api.updateUserMetadata(userId, metadata, callback)

This method updates the metadata for a user. metadata is an object, and the fields in that object will be set on the user referenced by userId. Note: the entire metadata object is replaced with this method. To update select fields, use the patchUserMetadata method.

api.updateUserMetadata("a-user-id", {my_special_data: {a: "b", c: "d"}}, function(err) {
  // if there was a problem, err will be non-null
});

api.patchUserMetadata(userId, metadata, callback)

This method patches the metadata for a user. metadata is an object, and only the fields included in the patch will be updated for the user referenced by userId.

api.patchUserMetadata("a-user-id", {my_special_data: {a: "e"}}, function(err) {
  // if there was a problem, err will be non-null
});

api.deleteUser(userId, callback)

This method removes a user by ID. Be careful!

api.deleteUser("i-dont-like-this-guy", function(err) {
  // yep, err will be truthy if there was a problem
});

api.getConnection(name, callback)

api.getConnection('my-connection', function (err, connection) {
  //.....
});

api.getStrategies(callback)

api.getStrategies(function (err, strategies) {
  //.....
});

api.deleteTenant

api.deleteTenant(name, function (err) {
  //.....
});

api.createClient

api.createClient(client, function (err, newClient) {
  //.....
});

api.updateClient

api.updateClient(client, function (err) {
  //.....
});

api.deleteClient

api.deleteClient(clientID, function (err) {
  //.....
});

api.getClients

Returns a list of all the tenant's clients.

api.getClients(function (err, clients) {
  //.....
});

api.getClients

Returns client by clientID.

api.getClients(clientID, function (err, client) {
  //.....
});

api.getClientsByUserId

Returns a list of all the user's clients.

api.getClientsByUserId(userId, function (err, clients) {
  //.....
});

api.createRule

Creates a new transformation Rule

var rule = {
  name: "A rule",
  status: true,
  script: "function(user, context, done) {}"
};

api.createRule(rule, function (err, rule) {
  //.....
});

api.getRule

Returns a specific transformaion rule

api.getRule(ruleName, function (err, rule) {
  //.....
});

api.deleteRule

Returns a specific transformaion rule

api.deleteRule(ruleName, function (err) {
  //.....
});

api.updateRule

Updates an existing rule

api.updateRule(rule, function (err, rule) {
  //.....
});

Auth0

Auth0.getUserInfo

Gets a profile using an user Access Token. For instance, an user access token is returned (together with the id token) by the /ro end point.

var options = {domain: 'my-domain.auth0.com', userAccessToken: 'XXXXXX'};

Auth0.getUserInfo(options, function (err, profile) {
  if (err) { throw err; }

  // Use user profile here
});

Authentication

This library is useful to consume the rest api of auth0, in order to authenticate users you can use the passport strategy.

Complete example

A complete example of using this library here.

Documentation

For more information about auth0 contact our documentation page.

What is Auth0?

Auth0 helps you to:

• Add authentication with multiple authentication sources, either social like Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, amont others, or enterprise identity systems like Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider.
• Add authentication through more traditional username/password databases.
• Add support for linking different user accounts with the same user.
• Support for generating signed Json Web Tokens to call your APIs and flow the user identity securely.
• Analytics of how, when and where users are logging in.
• Pull data from other sources and add it to the user profile, through JavaScript rules.

Create a free Auth0 Account

1. Go to Auth0 and click Sign Up.
2. Use Google, GitHub or Microsoft Account to login.

Issue Reporting

If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

Author

Auth0

License

This project is licensed under the MIT license. See the LICENSE file for more info.