Auth

Auth

new Auth()

Auth0 Auth API

Source:
See:

Methods

(static) authorizeUrl(parameters) → {String}

Builds the full authorize endpoint url in the Authorization Server (AS) with given parameters.

Source:
See:
Parameters:
Name Type Description
parameters Object

parameters to send to /authorize

Name Type Description
responseType String

type of the response to get from /authorize.

redirectUri String

where the AS will redirect back after success or failure.

state String

random string to prevent CSRF attacks.
Returns:
Type:
String

authorize url with specified parameters to redirect to for AuthZ/AuthN.

(static) createUser(parameters) → {Promise}

Source:
Parameters:
Name Type Description
parameters Object

create user parameters

Name Type Attributes Description
email String

user's email
username String <optional>

user's username
password String

user's password
connection String

name of the database connection where to create the user

metadata String <optional>

additional user information that will be stored in user_metadata

Returns:
Type:
Promise

(static) exchange(parameters) → {Promise}

Exchanges a code obtained via /authorize (w/PKCE) for the user's tokens

Source:
See:
Parameters:
Name Type Description
parameters Object

parameters used to obtain tokens from a code

Name Type Description
code String

code returned by /authorize.
redirectUri String

original redirectUri used when calling /authorize.

verifier String

value used to generate the code challenge sent to /authorize.

Returns:
Type:
Promise

(static) exchangeNativeSocial(parameters) → {Promise}

Exchanges an external token obtained via a native social authentication solution for the user's tokens

Source:
See:
Parameters:
Name Type Description
parameters Object

parameters used to obtain user tokens from an external provider's token

Name Type Attributes Description
subjectToken String

token returned by the native social authentication solution

subjectTokenType String

identifier that indicates the native social authentication solution

userProfile Object <optional>

additional profile attributes to set or override, only on select native social authentication solutions

audience String <optional>

API audience to request
scope String <optional>

scopes requested for the issued tokens. e.g. openid profile

Returns:
Type:
Promise

(static) loginWithEmail(parameters) → {Promise}

Finishes the Passworldess authentication with an email connection

Source:
Parameters:
Name Type Description
parameters Object

passwordless parameters

Name Type Description
email String

the email where the link/code was received
code String

the code numeric value (OTP)
audience String

optional API audience to request
scope String

optional scopes to request
Returns:
Type:
Promise

(static) loginWithSMS(parameters) → {Promise}

Finishes the Passworldess authentication with an SMS connection

Source:
Parameters:
Name Type Description
parameters Object

passwordless parameters

Name Type Description
phoneNumber String

the phone number where the code was received
code String

the code numeric value (OTP)
audience String

optional API audience to request
scope String

optional scopes to request
Returns:
Type:
Promise

(static) logoutUrl(parameters) → {String}

Builds the full logout endpoint url in the Authorization Server (AS) with given parameters.

Source:
See:
Parameters:
Name Type Description
parameters Object

parameters to send to /v2/logout

Name Type Attributes Description
federated Boolean <optional>

if the logout should include removing session for federated IdP.

clientId String <optional>

client identifier of the one requesting the logout

returnTo String <optional>

url where the user is redirected to after logout. It must be declared in you Auth0 Dashboard

Returns:
Type:
String

logout url with specified parameters

(static) passwordlessWithEmail(parameters) → {Promise}

Starts the Passworldess flow with an email connection

Source:
Parameters:
Name Type Description
parameters Object

passwordless parameters

Name Type Description
email String

the email to send the link/code to
send String

the passwordless strategy, either 'link' or 'code'

authParams String

optional parameters, used when strategy is 'linkĖ'

Returns:
Type:
Promise

(static) passwordlessWithSMS(parameters) → {Promise}

Starts the Passworldess flow with an SMS connection

Source:
Parameters:
Name Type Description
parameters Object

passwordless parameters

Name Type Description
phoneNumber String

the phone number to send the link/code to
Returns:
Type:
Promise

(static) passwordRealm(parameters) → {Promise}

Performs Auth with user credentials using the Password Realm Grant

Source:
See:
Parameters:
Name Type Description
parameters Object

password realm parameters

Name Type Attributes Description
username String

user's username or email
password String

user's password
realm String

name of the Realm where to Auth (or connection name)

audience String <optional>

identifier of Resource Server (RS) to be included as audience (aud claim) of the issued access token

scope String <optional>

scopes requested for the issued tokens. e.g. openid profile

Returns:
Type:
Promise

(static) refreshToken(parameters) → {Promise}

Obtain new tokens using the Refresh Token obtained during Auth (requesting offline_access scope)

Source:
See:
Parameters:
Name Type Description
parameters Object

refresh token parameters

Name Type Attributes Description
refreshToken String

user's issued refresh token
scope String <optional>

scopes requested for the issued tokens. e.g. openid profile

Returns:
Type:
Promise

(static) resetPassword(parameters) → {Promise}

Request an email with instructions to change password of a user

Source:
Parameters:
Name Type Description
parameters Object

reset password parameters

Name Type Description
email String

user's email
connection String

name of the connection of the user
Returns:
Type:
Promise

(static) revoke(parameters) → {Promise}

Revoke an issued refresh token

Source:
Parameters:
Name Type Description
parameters Object

revoke token parameters

Name Type Description
refreshToken String

user's issued refresh token
Returns:
Type:
Promise

(static) userInfo(parameters) → {Promise}

Return user information using an access token

Source:
Parameters:
Name Type Description
parameters Object

user info parameters

Name Type Description
token String

user's access token
Returns:
Type:
Promise