WebAuth

WebAuth

new WebAuth()

Helper to perform Auth against Auth0 hosted login page

It will use /authorize endpoint of the Authorization Server (AS) with Code Grant and Proof Key for Challenge Exchange (PKCE).

Source:
See:

Methods

(static) authorize(parameters, options) → {Promise}

Starts the AuthN/AuthZ transaction against the AS in the in-app browser.

In iOS it will use SFSafariViewController and in Android Chrome Custom Tabs.

To learn more about how to customize the authorize call, check the Universal Login Page article at https://auth0.com/docs/hosted-pages/login

Source:
See:
Parameters:
Name Type Description
parameters Object

Parameters to send on the AuthN/AuthZ request.

Name Type Attributes Description
state String <optional>

Random string to prevent CSRF attacks and used to discard unexepcted results. By default its a cryptographically secure random.

nonce String <optional>

Random string to prevent replay attacks of id_tokens.

audience String <optional>

Identifier of Resource Server (RS) to be included as audience (aud claim) of the issued access token

scope String <optional>

Scopes requested for the issued tokens. e.g. openid profile

connection String <optional>

The name of the identity provider to use, e.g. "google-oauth2" or "facebook". When not set, it will display Auth0's Universal Login Page.

max_age Number <optional>

The allowable elapsed time in seconds since the last time the user was authenticated (optional).

organization String <optional>

the ID of the organization to join
invitationUrl String <optional>

the invitation URL to join an organization. Takes precedence over the "organization" parameter.

options Object

Other configuration options.

Name Type Attributes Description
leeway Number <optional>

The amount of leeway, in seconds, to accommodate potential clock skew when validating an ID token's claims. Defaults to 60 seconds if not specified.

ephemeralSession Boolean <optional>

Disable Single-Sign-On (SSO). It only affects iOS with versions 13 and above.

customScheme String <optional>

Custom scheme to build the callback URL with.
Returns:
Type:
Promise

(static) clearSession(parameters) → {Promise}

Removes Auth0 session and optionally remove the Identity Provider session.

In iOS it will use SFSafariViewController and in Android Chrome Custom Tabs.

Source:
See:
Parameters:
Name Type Description
parameters Object

Parameters to send

Name Type Attributes Description
federated Bool <optional>

Optionally remove the IdP session.
customScheme String <optional>

Custom scheme to build the callback URL with.
Returns:
Type:
Promise