Optional
appState: anyOptional
stackStatic
Optional
prepareOptional override for formatting stack traces
+Static
stackStatic
captureStatic
fromThrown when network requests to the Auth server fail.
-Optional
stackStatic
Optional
prepareOptional override for formatting stack traces
-Static
stackStatic
captureStatic
fromThrown when network requests to the Auth server fail.
+Optional
stackStatic
Optional
prepareOptional override for formatting stack traces
+Static
stackStatic
captureStatic
fromError thrown when the token exchange results in a mfa_required
error
Optional
stackStatic
Optional
prepareOptional override for formatting stack traces
-Static
stackStatic
captureStatic
fromError thrown when the token exchange results in a mfa_required
error
Optional
stackStatic
Optional
prepareOptional override for formatting stack traces
+Static
stackStatic
captureStatic
fromError thrown when there is no refresh token to use
-Optional
stackStatic
Optional
prepareOptional override for formatting stack traces
-Static
stackStatic
captureStatic
fromError thrown when there is no refresh token to use
+Optional
stackStatic
Optional
prepareOptional override for formatting stack traces
+Static
stackStatic
captureStatic
fromAn OAuth2 error will come from the authorization server and will have at least an error
property which will
+
An OAuth2 error will come from the authorization server and will have at least an error
property which will
be the error code. And possibly an error_description
property
See: https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.6
-Optional
error_description: stringOptional
error_Optional
stackStatic
Optional
prepareOptional override for formatting stack traces
-Static
stackStatic
captureOptional
error_description: stringOptional
error_Optional
stackStatic
Optional
prepareOptional override for formatting stack traces
+Static
stackStatic
captureThrown when network requests to the Auth server fail.
-Optional
stackStatic
Optional
prepareOptional override for formatting stack traces
-Static
stackStatic
captureStatic
fromThrown when network requests to the Auth server fail.
+Optional
stackStatic
Optional
prepareOptional override for formatting stack traces
+Static
stackStatic
captureStatic
fromError thrown when the login popup times out (if the user does not complete auth)
-Optional
stackStatic
Optional
prepareOptional override for formatting stack traces
-Static
stackStatic
captureStatic
fromError thrown when the login popup times out (if the user does not complete auth)
+Optional
stackStatic
Optional
prepareOptional override for formatting stack traces
+Static
stackStatic
captureStatic
fromThrown when silent auth times out (usually due to a configuration issue) or +
Thrown when silent auth times out (usually due to a configuration issue) or when network requests to the Auth server timeout.
-Optional
stackStatic
Optional
prepareOptional override for formatting stack traces
-Static
stackStatic
captureStatic
fromOptional
stackStatic
Optional
prepareOptional override for formatting stack traces
+Static
stackStatic
captureStatic
fromOptional
addressOptional
birthdateOptional
emailOptional
email_Optional
family_Optional
genderOptional
given_Optional
localeOptional
middle_Optional
nameOptional
nicknameOptional
phone_Optional
phone_Optional
pictureOptional
preferred_Optional
profileOptional
subOptional
updated_Optional
websiteOptional
zoneinfoOptional
addressOptional
birthdateOptional
emailOptional
email_Optional
family_Optional
genderOptional
given_Optional
localeOptional
middle_Optional
nameOptional
nicknameOptional
phone_Optional
phone_Optional
pictureOptional
preferred_Optional
profileOptional
subOptional
updated_Optional
websiteOptional
zoneinfoThe Auth0 Context
+Readonly
$$typeofOptional
displayUsed in debugging messages. You might want to set it +explicitly if you want to display a different name for +debugging purposes.
+<Auth0Provider
domain={domain}
clientId={clientId}
authorizationParams={{ redirect_uri: window.location.origin }}}>
<MyApp />
</Auth0Provider>
+Auth0Provider | @auth0/auth0-react Function Auth0Provider
- Auth0
Provider(opts): Element <Auth0Provider
domain={domain}
clientId={clientId}
authorizationParams={{ redirect_uri: window.location.origin }}>
<MyApp />
</Auth0Provider>
Provides the Auth0Context to its child components.
-Parameters
opts: Auth0ProviderOptions
Returns Element
\ No newline at end of file
+
const {
// Auth state:
error,
isAuthenticated,
isLoading,
user,
// Auth methods:
getAccessTokenSilently,
getAccessTokenWithPopup,
getIdTokenClaims,
loginWithRedirect,
loginWithPopup,
logout,
} = useAuth0<TUser>();
+useAuth0 | @auth0/auth0-react Function useAuth0
- use
Auth0<TUser>(context?): Auth0ContextInterface<TUser> const {
// Auth state:
error,
isAuthenticated,
isLoading,
user,
// Auth methods:
getAccessTokenSilently,
getAccessTokenWithPopup,
getIdTokenClaims,
loginWithRedirect,
loginWithPopup,
logout,
} = useAuth0<TUser>();
Use the useAuth0
hook in your components to access the auth state and methods.
TUser is an optional type param to provide a type to the user
field.
-Type Parameters
Parameters
context: Context<Auth0ContextInterface<User>> = Auth0Context
Returns Auth0ContextInterface<TUser>
\ No newline at end of file
+
class MyComponent extends Component {
render() {
// Access the auth context from the `auth0` prop
const { user } = this.props.auth0;
return <div>Hello {user.name}!</div>
}
}
// Wrap your class component in withAuth0
export default withAuth0(MyComponent);
+withAuth0 | @auth0/auth0-react Function withAuth0
- with
Auth0<P>(Component, context?): ComponentType<Omit<P, "auth0">> class MyComponent extends Component {
render() {
// Access the auth context from the `auth0` prop
const { user } = this.props.auth0;
return <div>Hello {user.name}!</div>
}
}
// Wrap your class component in withAuth0
export default withAuth0(MyComponent);
Wrap your class components in this Higher Order Component to give them access to the Auth0Context.
Providing a context as the second argument allows you to configure the Auth0Provider the Auth0Context
should come from f you have multiple within your application.
-Type Parameters
P extends WithAuth0Props
Parameters
Component: ComponentType<P>
context: Context<Auth0ContextInterface<User>> = Auth0Context
Returns ComponentType<Omit<P, "auth0">>
\ No newline at end of file
+
const MyProtectedComponent = withAuthenticationRequired(MyComponent);
+withAuthenticationRequired | @auth0/auth0-react Function withAuthenticationRequired
- with
Authentication Required<P>(Component, options?): FC<P> const MyProtectedComponent = withAuthenticationRequired(MyComponent);
When you wrap your components in this Higher Order Component and an anonymous user visits your component
they will be redirected to the login page; after login they will be returned to the page they were redirected from.
-Type Parameters
P extends object
Parameters
Component: ComponentType<P>
options: WithAuthenticationRequiredOptions = {}
Returns FC<P>
\ No newline at end of file
+
Auth0 is an easy to implement, adaptable authentication and authorization platform. To learn more checkout Why Auth0?
-This project is licensed under the MIT license. See the LICENSE file for more info.
Contains the authenticated state and authentication methods provided by the useAuth0
hook.
Optional
errorconst token = await getAccessTokenSilently(options);
+Auth0ContextInterface | @auth0/auth0-react Interface Auth0ContextInterface<TUser>
Contains the authenticated state and authentication methods provided by the useAuth0
hook.
+ interface Auth0ContextInterface<TUser> {
    error?: Error;
    getAccessTokenSilently: {
        (options): Promise<GetTokenSilentlyVerboseResponse>;
        (options?): Promise<string>;
        (options): Promise<string | GetTokenSilentlyVerboseResponse>;
    };
    getAccessTokenWithPopup: ((options?, config?) => Promise<undefined | string>);
    getIdTokenClaims: (() => Promise<undefined | IdToken>);
    handleRedirectCallback: ((url?) => Promise<RedirectLoginResult<any>>);
    isAuthenticated: boolean;
    isLoading: boolean;
    loginWithPopup: ((options?, config?) => Promise<void>);
    loginWithRedirect: ((options?) => Promise<void>);
    logout: ((options?) => Promise<void>);
    user?: TUser;
} Type Parameters
Hierarchy
- AuthState<TUser>
- Auth0ContextInterface
Properties
Optional
error
error?: Errorget Access Token Silently
get Access Token Silently: {
    (options): Promise<GetTokenSilentlyVerboseResponse>;
    (options?): Promise<string>;
    (options): Promise<string | GetTokenSilentlyVerboseResponse>;
}const token = await getAccessTokenSilently(options);
If there's a valid token stored, return it. Otherwise, opens an
iframe with the /authorize
URL using the parameters provided
@@ -19,61 +19,31 @@
will be valid according to their expiration times.
If refresh tokens are used, the token endpoint is called directly with the
'refresh_token' grant. If no refresh token is available to make this call,
-the SDK falls back to using an iframe to the '/authorize' URL.
+the SDK will only fall back to using an iframe to the '/authorize' URL if
+the useRefreshTokensFallback
setting has been set to true
. By default this
+setting is false
.
This method may use a web worker to perform the token call if the in-memory
cache is used.
If an audience
value is given to this function, the SDK always falls
back to using an iframe to make the token exchange.
Note that in all cases, falling back to an iframe requires access to
the auth0
cookie.
-Parameters
options: GetTokenSilentlyOptions & {
    detailedResponse: true;
}
Returns Promise<GetTokenSilentlyVerboseResponse>
- (options?): Promise<string>
const token = await getAccessTokenSilently(options);
-
-If there's a valid token stored, return it. Otherwise, opens an
-iframe with the /authorize
URL using the parameters provided
-as arguments. Random and secure state
and nonce
parameters
-will be auto-generated. If the response is successful, results
-will be valid according to their expiration times.
-If refresh tokens are used, the token endpoint is called directly with the
-'refresh_token' grant. If no refresh token is available to make this call,
-the SDK falls back to using an iframe to the '/authorize' URL.
-This method may use a web worker to perform the token call if the in-memory
-cache is used.
-If an audience
value is given to this function, the SDK always falls
-back to using an iframe to make the token exchange.
-Note that in all cases, falling back to an iframe requires access to
-the auth0
cookie.
-Parameters
Optional
options: GetTokenSilentlyOptions
Returns Promise<string>
- (options): Promise<string | GetTokenSilentlyVerboseResponse>
const token = await getAccessTokenSilently(options);
-
-If there's a valid token stored, return it. Otherwise, opens an
-iframe with the /authorize
URL using the parameters provided
-as arguments. Random and secure state
and nonce
parameters
-will be auto-generated. If the response is successful, results
-will be valid according to their expiration times.
-If refresh tokens are used, the token endpoint is called directly with the
-'refresh_token' grant. If no refresh token is available to make this call,
-the SDK falls back to using an iframe to the '/authorize' URL.
-This method may use a web worker to perform the token call if the in-memory
-cache is used.
-If an audience
value is given to this function, the SDK always falls
-back to using an iframe to make the token exchange.
-Note that in all cases, falling back to an iframe requires access to
-the auth0
cookie.
-Parameters
options: GetTokenSilentlyOptions
Returns Promise<string | GetTokenSilentlyVerboseResponse>
get Access Token With Popup
get Access Token With Popup: ((options?, config?) => Promise<undefined | string>)Type declaration
- (options?, config?): Promise<undefined | string>
const token = await getTokenWithPopup(options, config);
+
Type declaration
- (options): Promise<GetTokenSilentlyVerboseResponse>
Parameters
- options: GetTokenSilentlyOptions & {
    detailedResponse: true;
}
Returns Promise<GetTokenSilentlyVerboseResponse>
- (options?): Promise<string>
Parameters
Optional
options: GetTokenSilentlyOptions
Returns Promise<string>
- (options): Promise<string | GetTokenSilentlyVerboseResponse>
Parameters
- options: GetTokenSilentlyOptions
Returns Promise<string | GetTokenSilentlyVerboseResponse>
get Access Token With Popup
get Access Token With Popup: ((options?, config?) => Promise<undefined | string>)const token = await getTokenWithPopup(options, config);
Get an access token interactively.
Opens a popup with the /authorize
URL using the parameters
provided as arguments. Random and secure state
and nonce
parameters will be auto-generated. If the response is successful,
results will be valid according to their expiration times.
-Parameters
Optional
options: GetTokenWithPopupOptions
Optional
config: PopupConfigOptions
Returns Promise<undefined | string>
get Id Token Claims
Type declaration
- (): Promise<undefined | IdToken>
const claims = await getIdTokenClaims();
+
Type declaration
- (options?, config?): Promise<undefined | string>
Parameters
Optional
options: GetTokenWithPopupOptionsOptional
config: PopupConfigOptions
Returns Promise<undefined | string>
get Id Token Claims
const claims = await getIdTokenClaims();
Returns all claims from the id_token if available.
-Returns Promise<undefined | IdToken>
handle Redirect Callback
handle Redirect Callback: ((url?) => Promise<RedirectLoginResult<any>>)Type declaration
- (url?): Promise<RedirectLoginResult<any>>
After the browser redirects back to the callback page,
+
handle Redirect Callback
handle Redirect Callback: ((url?) => Promise<RedirectLoginResult<any>>)After the browser redirects back to the callback page,
call handleRedirectCallback
to handle success and error
responses from Auth0. If the response is successful, results
will be valid according to their expiration times.
-Parameters
Optional
url: string
The URL to that should be used to retrieve the state
and code
values. Defaults to window.location.href
if not given.
-
Returns Promise<RedirectLoginResult<any>>
is Authenticated
is Authenticated: booleanis Loading
is Loading: booleanlogin With Popup
login With Popup: ((options?, config?) => Promise<void>)Type declaration
- (options?, config?): Promise<void>
await loginWithPopup(options, config);
+
Type declaration
- (url?): Promise<RedirectLoginResult<any>>
Parameters
Optional
url: stringThe URL to that should be used to retrieve the state
and code
values. Defaults to window.location.href
if not given.
+
Returns Promise<RedirectLoginResult<any>>
is Authenticated
is Authenticated: booleanis Loading
is Loading: booleanlogin With Popup
login With Popup: ((options?, config?) => Promise<void>)await loginWithPopup(options, config);
Opens a popup with the /authorize
URL using the parameters
provided as arguments. Random and secure state
and nonce
@@ -82,15 +52,15 @@
IMPORTANT: This method has to be called from an event handler
that was started by the user like a button click, for example,
otherwise the popup will be blocked in most browsers.
-Parameters
Optional
options: PopupLoginOptions
Optional
config: PopupConfigOptions
Returns Promise<void>
login With Redirect
login With Redirect: ((options?) => Promise<void>)Type declaration
- (options?): Promise<void>
await loginWithRedirect(options);
+
Type declaration
- (options?, config?): Promise<void>
Parameters
Optional
options: PopupLoginOptionsOptional
config: PopupConfigOptions
Returns Promise<void>
login With Redirect
login With Redirect: ((options?) => Promise<void>)await loginWithRedirect(options);
Performs a redirect to /authorize
using the parameters
provided as arguments. Random and secure state
and nonce
parameters will be auto-generated.
-Parameters
Optional
options: RedirectLoginOptions<AppState>
Returns Promise<void>
logout
logout: ((options?) => Promise<void>)Type declaration
- (options?): Promise<void>
auth0.logout({ logoutParams: { returnTo: window.location.origin } });
+
Type declaration
- (options?): Promise<void>
Parameters
Optional
options: RedirectLoginOptions<AppState>
Returns Promise<void>
logout
logout: ((options?) => Promise<void>)auth0.logout({ logoutParams: { returnTo: window.location.origin } });
Clears the application session and performs a redirect to /v2/logout
, using
the parameters provided as arguments, to clear the Auth0 session.
If the logoutParams.federated
option is specified, it also clears the Identity Provider session.
Read more about how Logout works at Auth0.
-Parameters
Optional
options: LogoutOptions
Returns Promise<void>
Optional
user
user?: TUser
Optional
options: LogoutOptionsOptional
userThe main configuration to instantiate the Auth0Provider
.
Optional
Internal
auth0Internal property to send information about the client to the authorization server.
-Optional
env?: { Optional
authorizationURL parameters that will be sent back to the Authorization Server. This can be known parameters +
The main configuration to instantiate the Auth0Provider
.
Optional
Internal
auth0Internal property to send information about the client to the authorization server.
+Optional
env?: { Optional
authorizationURL parameters that will be sent back to the Authorization Server. This can be known parameters defined by Auth0 or custom parameters that you define.
-Optional
authorizeA maximum number of seconds to wait before declaring background calls to /authorize as failed for timeout +
Optional
authorizeA maximum number of seconds to wait before declaring background calls to /authorize as failed for timeout Defaults to 60s.
-Optional
cacheSpecify a custom cache implementation to use for token storage and retrieval. This setting takes precedence over cacheLocation
if they are both specified.
Optional
cacheThe location to use when storing cache data. Valid values are memory
or localstorage
.
+
Optional
cacheSpecify a custom cache implementation to use for token storage and retrieval. This setting takes precedence over cacheLocation
if they are both specified.
Optional
cacheThe location to use when storing cache data. Valid values are memory
or localstorage
.
The default setting is memory
.
Read more about changing storage options in the Auth0 docs
-Optional
childrenThe child nodes your Provider has wrapped
-The Client ID found on your Application settings page
-Optional
contextContext to be used when creating the Auth0Provider, defaults to the internally created context.
+Optional
childrenThe child nodes your Provider has wrapped
+The Client ID found on your Application settings page
+Optional
contextContext to be used when creating the Auth0Provider, defaults to the internally created context.
This allows multiple Auth0Providers to be nested within the same application, the context value can then be passed to useAuth0, withAuth0, or withAuthenticationRequired to use that specific Auth0Provider to access auth state and methods specifically tied to the provider that the context belongs to.
@@ -46,50 +46,50 @@ used to store data is differentFor a sample on using multiple Auth0Providers review the React Account Linking Sample
-Optional
cookieThe domain the cookie is accessible from. If not set, the cookie is scoped to +
Optional
cookieThe domain the cookie is accessible from. If not set, the cookie is scoped to the current domain, including the subdomain.
Note: setting this incorrectly may cause silent authentication to stop working on page load.
To keep a user logged in across multiple subdomains set this to your
top-level domain and prefixed with a .
(eg: .example.com
).
Your Auth0 account domain such as 'example.auth0.com'
,
+
Your Auth0 account domain such as 'example.auth0.com'
,
'example.eu.auth0.com'
or , 'example.mycompany.com'
(when using custom domains)
Optional
httpSpecify the timeout for HTTP calls using fetch
. The default is 10 seconds.
Optional
issuerThe issuer to be used for validation of JWTs, optionally defaults to the domain above
-Optional
leewayThe value in seconds used to account for clock skew in JWT expirations. +
Optional
httpSpecify the timeout for HTTP calls using fetch
. The default is 10 seconds.
Optional
issuerThe issuer to be used for validation of JWTs, optionally defaults to the domain above
+Optional
leewayThe value in seconds used to account for clock skew in JWT expirations. Typically, this value is no more than a minute or two at maximum. Defaults to 60s.
-Optional
legacySets an additional cookie with no SameSite attribute to support legacy browsers +
Optional
legacySets an additional cookie with no SameSite attribute to support legacy browsers that are not compatible with the latest SameSite changes. This will log a warning on modern browsers, you can disable the warning by setting this to false but be aware that some older useragents will not work, See https://www.chromium.org/updates/same-site/incompatible-clients Defaults to true
-Optional
nowModify the value used as the current time during the token validation.
+Optional
nowModify the value used as the current time during the token validation.
Note: Using this improperly can potentially compromise the token validation.
-Optional
onBy default this removes the code and state parameters from the url when you are redirected from the authorize page. +
Optional
onBy default this removes the code and state parameters from the url when you are redirected from the authorize page.
It uses window.history
but you might want to overwrite this if you are using a custom router, like react-router-dom
See the EXAMPLES.md for more info.
Optional
sessionNumber of days until the cookie auth0.is.authenticated
will expire
+
Optional
sessionNumber of days until the cookie auth0.is.authenticated
will expire
Defaults to 1.
Optional
skipBy default, if the page url has code/state params, the SDK will treat them as Auth0's and attempt to exchange the +
Optional
skipBy default, if the page url has code/state params, the SDK will treat them as Auth0's and attempt to exchange the code for a token. In some cases the code might be for something else (another OAuth SDK perhaps). In these instances you can instruct the client to ignore them eg
<Auth0Provider
clientId={clientId}
domain={domain}
skipRedirectCallback={window.location.pathname === '/stripe-oauth-callback'}
>
-Optional
useIf true
, the SDK will use a cookie when storing information about the auth transaction while
+
Optional
useIf true
, the SDK will use a cookie when storing information about the auth transaction while
the user is going through the authentication flow on the authorization server.
The default is false
, in which case the SDK will use session storage.
You might want to enable this if you rely on your users being able to authenticate using flows that may end up spanning across multiple tabs (e.g. magic links) or you cannot otherwise rely on session storage being available.
-Optional
useIf true, data to the token endpoint is transmitted as x-www-form-urlencoded data, if false it will be transmitted as JSON. The default setting is true
.
Optional
useIf true, data to the token endpoint is transmitted as x-www-form-urlencoded data, if false it will be transmitted as JSON. The default setting is true
.
Note: Setting this to false
may affect you if you use Auth0 Rules and are sending custom, non-primitive data. If you disable this,
please verify that your Auth0 Rules continue to work as intended.
Optional
useIf true, refresh tokens are used to fetch new access tokens from the Auth0 server. If false, the legacy technique of using a hidden iframe and the authorization_code
grant with prompt=none
is used.
+
Optional
useIf true, refresh tokens are used to fetch new access tokens from the Auth0 server. If false, the legacy technique of using a hidden iframe and the authorization_code
grant with prompt=none
is used.
The default setting is false
.
Note: Use of refresh tokens must be enabled by an administrator on your Auth0 client application.
-Optional
useIf true, fallback to the technique of using a hidden iframe and the authorization_code
grant with prompt=none
when unable to use refresh tokens. If false, the iframe fallback is not used and
+
Optional
useIf true, fallback to the technique of using a hidden iframe and the authorization_code
grant with prompt=none
when unable to use refresh tokens. If false, the iframe fallback is not used and
errors relating to a failed refresh_token
grant should be handled appropriately. The default setting is false
.
Note: There might be situations where doing silent auth with a Web Message response from an iframe is not possible, like when you're serving your application from the file system or a custom protocol (like in a Desktop or Native app). @@ -97,9 +97,9 @@
E.g. Using the file:
protocol in an Electron application does not support that legacy technique.
let token: string;
try {
token = await auth0.getTokenSilently();
} catch (e) {
if (e.error === 'missing_refresh_token' || e.error === 'invalid_grant') {
auth0.loginWithRedirect();
}
}
-Optional
workerIf provided, the SDK will load the token worker from this URL instead of the integrated blob
. An example of when this is useful is if you have strict
+
Optional
workerIf provided, the SDK will load the token worker from this URL instead of the integrated blob
. An example of when this is useful is if you have strict
Content-Security-Policy (CSP) and wish to avoid needing to set worker-src: blob:
. We recommend either serving the worker, which you can find in the module
at <module_path>/dist/auth0-spa-js.worker.production.js
, from the same host as your application or using the Auth0 CDN
https://cdn.auth0.com/js/auth0-spa-js/<version>/auth0-spa-js.worker.production.js
.
Note: The worker is only used when useRefreshTokens: true
, cacheLocation: 'memory'
, and the cache
is not custom.
If you need to send custom parameters to the Authorization Server, +
If you need to send custom parameters to the Authorization Server, make sure to use the original parameter name.
-Optional
acr_Optional
audienceThe default audience to be used for requesting API access.
-Optional
connectionThe name of the connection configured for your application. +
Optional
acr_Optional
audienceThe default audience to be used for requesting API access.
+Optional
connectionThe name of the connection configured for your application. If null, it will redirect to the Auth0 Login Page and show the Login Widget.
-Optional
displayOptional
display'page'
: displays the UI with a full page view'popup'
: displays the UI with a popup window'touch'
: displays the UI in a way that leverages a touch interface'wap'
: displays the UI with a "feature phone" type interfaceOptional
id_Previously issued ID Token.
-Optional
invitationThe Id of an invitation to accept. This is available from the user invitation URL that is given when participating in a user invitation flow.
-Optional
login_The user's email address or other identifier. When your app knows +
Optional
id_Previously issued ID Token.
+Optional
invitationThe Id of an invitation to accept. This is available from the user invitation URL that is given when participating in a user invitation flow.
+Optional
login_The user's email address or other identifier. When your app knows which user is trying to authenticate, you can provide this parameter to pre-fill the email box or select the right session for sign-in.
This currently only affects the classic Lock experience.
-Optional
max_Maximum allowable elapsed time (in seconds) since authentication. +
Optional
max_Maximum allowable elapsed time (in seconds) since authentication. If the last time the user authenticated is greater than this value, the user must be reauthenticated.
-Optional
organizationThe organization to log in to.
+Optional
organizationThe organization to log in to.
This will specify an organization
parameter in your user's login request.
org_
), it will be validated against the org_id
claim of your user's ID Token. The validation is case-sensitive.org_
), it will be validated against the org_name
claim of your user's ID Token. The validation is case-insensitive.Optional
promptOptional
prompt'none'
: do not prompt user for login or consent on reauthentication'login'
: prompt user for reauthentication'consent'
: prompt user for consent before processing request'select_account'
: prompt user to select an accountOptional
redirect_The default URL where Auth0 will redirect your browser to with +
Optional
redirect_The default URL where Auth0 will redirect your browser to with the authentication result. It must be whitelisted in the "Allowed Callback URLs" field in your Auth0 Application's settings. If not provided here, it should be provided in the other methods that provide authentication.
-Optional
scopeThe default scope to be used on authentication requests.
+Optional
scopeThe default scope to be used on authentication requests.
This defaults to profile email
if not set. If you are setting extra scopes and require
profile
and email
to be included then you must include them in the provided scope.
Note: The openid
scope is always applied regardless of this setting.
Optional
screen_Provides a hint to Auth0 as to what flow should be displayed. +
Optional
screen_Provides a hint to Auth0 as to what flow should be displayed. The default behavior is to show a login page but you can override this by passing 'signup' to show the signup page instead.
This only affects the New Universal Login Experience.
-Optional
ui_The space-separated list of language tags, ordered by preference. +
Optional
ui_The space-separated list of language tags, ordered by preference.
For example: 'fr-CA fr en'
.
Optional
authorizationParameters that will be sent back to Auth0 as part of a request.
+Optional
authorizationParameters that will be sent back to Auth0 as part of a request.
If you need to send custom parameters to the Authorization Server, make sure to use the original parameter name.
Optional
audience?: stringThe audience that was used in the authentication request
@@ -13,13 +13,13 @@ It must be whitelisted in the "Allowed Web Origins" in your Auth0 Application's settings.Optional
scope?: stringThe scope that was used in the authentication request
-Optional
cacheWhen off
, ignores the cache and always sends a
+
Optional
cacheWhen off
, ignores the cache and always sends a
request to Auth0.
When cache-only
, only reads from the cache and never sends a request to Auth0.
Defaults to on
, where it both reads from the cache and sends a request to Auth0 as needed.
Optional
detailedIf true, the full response from the /oauth/token endpoint (or the cache, if the cache was used) is returned +
Optional
detailedIf true, the full response from the /oauth/token endpoint (or the cache, if the cache was used) is returned
(minus refresh_token
if one was issued). Otherwise, just the access token is returned.
The default is false
.
Optional
timeoutA maximum number of seconds to wait before declaring the background /authorize call as failed for timeout +
Optional
timeoutA maximum number of seconds to wait before declaring the background /authorize call as failed for timeout Defaults to 60s.
-Optional
authorizationURL parameters that will be sent back to the Authorization Server. This can be known parameters +
Optional
authorizationURL parameters that will be sent back to the Authorization Server. This can be known parameters defined by Auth0 or custom parameters that you define.
-Optional
cacheWhen off
, ignores the cache and always sends a request to Auth0.
+
Optional
cacheWhen off
, ignores the cache and always sends a request to Auth0.
When cache-only
, only reads from the cache and never sends a request to Auth0.
Defaults to on
, where it both reads from the cache and sends a request to Auth0 as needed.
Optional
allOptional
acrOptional
addressOptional
amrOptional
at_Optional
audOptional
auth_Optional
azpOptional
birthdateOptional
c_Optional
cnfOptional
emailOptional
email_Optional
expOptional
family_Optional
genderOptional
given_Optional
iatOptional
issOptional
jtiOptional
localeOptional
middle_Optional
nameOptional
nbfOptional
nicknameOptional
nonceOptional
org_Optional
org_Optional
phone_Optional
phone_Optional
pictureOptional
preferred_Optional
profileOptional
sidOptional
sub_Optional
updated_Optional
websiteOptional
zoneinfoOptional
acrOptional
addressOptional
amrOptional
at_Optional
audOptional
auth_Optional
azpOptional
birthdateOptional
c_Optional
cnfOptional
emailOptional
email_Optional
expOptional
family_Optional
genderOptional
given_Optional
iatOptional
issOptional
jtiOptional
localeOptional
middle_Optional
nameOptional
nbfOptional
nicknameOptional
nonceOptional
org_Optional
org_Optional
phone_Optional
phone_Optional
pictureOptional
preferred_Optional
profileOptional
sidOptional
sub_Optional
updated_Optional
websiteOptional
zoneinfoOptional
clientThe clientId
of your application.
Optional
clientThe clientId
of your application.
If this property is not set, then the clientId
that was used during initialization of the SDK is sent to the logout endpoint.
If this property is set to null
, then no client ID value is sent to the logout endpoint.
Optional
logoutParameters to pass to the logout endpoint. This can be known parameters defined by Auth0 or custom parameters +
Optional
logoutParameters to pass to the logout endpoint. This can be known parameters defined by Auth0 or custom parameters you wish to provide.
If you need to send custom parameters to the logout endpoint, make sure to use the original parameter name.
Optional
federated?: booleanWhen supported by the upstream identity provider,
@@ -20,10 +20,10 @@
returnTo
URL must be listed in the "Allowed Logout URLs" at
the account level in the Auth0 dashboard.
Optional
openUsed to control the redirect and not rely on the SDK to do the actual redirect.
+Optional
openUsed to control the redirect and not rely on the SDK to do the actual redirect.
Set to false
to disable the redirect, or provide a function to handle the actual redirect yourself.
await auth0.logout({
openUrl(url) {
window.location.replace(url);
}
});
+
await auth0.logout({
openUrl(url) {
window.location.replace(url);
}
});
import { Browser } from '@capacitor/browser';
await auth0.logout({
async openUrl(url) {
await Browser.open({ url });
}
});
-Optional
clientThe clientId
of your application.
Optional
clientThe clientId
of your application.
If this property is not set, then the clientId
that was used during initialization of the SDK is sent to the logout endpoint.
If this property is set to null
, then no client ID value is sent to the logout endpoint.
Optional
logoutParameters to pass to the logout endpoint. This can be known parameters defined by Auth0 or custom parameters +
Optional
logoutParameters to pass to the logout endpoint. This can be known parameters defined by Auth0 or custom parameters you wish to provide.
If you need to send custom parameters to the logout endpoint, make sure to use the original parameter name.
Optional
federated?: booleanWhen supported by the upstream identity provider,
@@ -19,4 +19,4 @@
returnTo
URL must be listed in the "Allowed Logout URLs" at
the account level in the Auth0 dashboard.
Optional
popupAccepts an already-created popup window to use. If not specified, the SDK +
Optional
popupAccepts an already-created popup window to use. If not specified, the SDK will create its own. This may be useful for platforms like iOS that have security restrictions around when popups can be invoked (e.g. from a user click event)
-Optional
timeoutThe number of seconds to wait for a popup response before +
Optional
timeoutThe number of seconds to wait for a popup response before throwing a timeout error. Defaults to 60s
-Optional
authorizationURL parameters that will be sent back to the Authorization Server. This can be known parameters +
Optional
authorizationURL parameters that will be sent back to the Authorization Server. This can be known parameters defined by Auth0 or custom parameters that you define.
-Optional
appUsed to store state before doing the redirect
-Optional
authorizationURL parameters that will be sent back to the Authorization Server. This can be known parameters +
Optional
appUsed to store state before doing the redirect
+Optional
authorizationURL parameters that will be sent back to the Authorization Server. This can be known parameters defined by Auth0 or custom parameters that you define.
-Optional
fragmentUsed to add to the URL fragment before redirecting
-Optional
openUsed to control the redirect and not rely on the SDK to do the actual redirect.
-const client = new Auth0Client({
openUrl(url) {
window.location.replace(url);
}
});
+
Optional
fragmentUsed to add to the URL fragment before redirecting
+Optional
openUsed to control the redirect and not rely on the SDK to do the actual redirect.
+const client = new Auth0Client({
openUrl(url) {
window.location.replace(url);
}
});
import { Browser } from '@capacitor/browser';
const client = new Auth0Client({
async openUrl(url) {
await Browser.open({ url });
}
});
-Components wrapped in withAuth0
will have an additional auth0
prop
Components wrapped in withAuth0
will have an additional auth0
prop
Options for the withAuthenticationRequired Higher Order Component
-Optional
contextThe context to be used when calling useAuth0, this should only be provided if you are using multiple Auth0Providers +
Options for the withAuthenticationRequired Higher Order Component
+Optional
contextThe context to be used when calling useAuth0, this should only be provided if you are using multiple Auth0Providers within your application and you wish to tie a specific component to a Auth0Provider other than the Auth0Provider associated with the default Auth0Context.
-Optional
loginwithAuthenticationRequired(Profile, {
loginOptions: {
appState: {
customProp: 'foo'
}
}
})
+
Optional
loginwithAuthenticationRequired(Profile, {
loginOptions: {
appState: {
customProp: 'foo'
}
}
})
Pass additional login options, like extra appState
to the login page.
This will be merged with the returnTo
option used by the onRedirectCallback
handler.
Optional
onwithAuthenticationRequired(Profile, {
onBeforeAuthentication: () => { analyticsLibrary.track('login_triggered'); }
})
+
Optional
onwithAuthenticationRequired(Profile, {
onBeforeAuthentication: () => { analyticsLibrary.track('login_triggered'); }
})
Allows executing logic before the user is redirected to the login page.
-Optional
onwithAuthenticationRequired(Profile, {
onRedirecting: () => <div>Redirecting you to the login...</div>
})
+
Optional
onwithAuthenticationRequired(Profile, {
onRedirecting: () => <div>Redirecting you to the login...</div>
})
Render a message to show that the user is being redirected to the login.
-Optional
returnwithAuthenticationRequired(Profile, {
returnTo: '/profile'
})
+
Optional
returnwithAuthenticationRequired(Profile, {
returnTo: '/profile'
})
or
withAuthenticationRequired(Profile, {
returnTo: () => window.location.hash.substr(1)
})
Add a path for the onRedirectCallback
handler to return the user to after login.
The state of the application before the user was redirected to the login page.
-Optional
returnThe state of the application before the user was redirected to the login page.
+Optional
returnThe possible locations where tokens can be stored
-The possible locations where tokens can be stored
+Const
The Auth0 Context
-
Thrown when handling the redirect callback fails, will be one of Auth0's +
- Preparing search index...
- The search index is not available
@auth0/auth0-reactClass AuthenticationError
Thrown when handling the redirect callback fails, will be one of Auth0's Authentication API's Standard Error Responses: https://auth0.com/docs/api/authentication?javascript#standard-error-responses
-Hierarchy
Index
Constructors
Properties
Methods
Constructors
constructor
Parameters
error: string
error_description: string
state: string
Optional
appState: anyReturns AuthenticationError
Properties
app State
error
error_ description
message
name
Optional
stackstate
Static
Optional
prepareType declaration
Optional override for formatting stack traces
-Parameters
err: Error
stackTraces: CallSite[]
Returns any
See
https://v8.dev/docs/stack-trace-api#customizing-stack-traces
-Static
stackMethods
Static
captureCreate .stack property on a target object
-Parameters
targetObject: object
Optional
constructorOpt: FunctionReturns void
Static
fromParameters
__namedParameters: {
    error: string;
    error_description: string;
}
error: string
error_ description: string
Returns GenericError
Settings
Member Visibility
Theme
On This Page