auth0

Client library for the Auth0 platform

Node.js client library for the Auth0 platform.

npm install auth0

Initialize your client class with the credentials in the settings section of the dashboard.

var Auth0 = require('auth0');
 
var api = new Auth0({
  domain:       'yourdomain.auth0.com',
  clientID:     'your-client-id',
  clientSecret: 'your-client-secret'
});

Return a list of all the connections in your application:

api.getConnections(function (errconnections){
  //..... 
});

Additionally there is a getSocialConnections and getEnterpriseConnections.

Let's say one of your customers wants to use its own directory to authenticate to your app. You will have to create a connection in Auth0 for this customer and if you want to automate that for N customers, you will want to use the API. Typically, you will ask the customer domain name and depending on the directory you are connecting to, some metadata. Together with other information, like the attributes your app needs, a set of credentials, etc. you can call the API.

var myNewConnection =  {
    //a friendly name to identify the connection 
    'name': 'thesuperstore-connection',
 
    //this is the strategy: office365, google-apps, adfs 
    'strategy': 'office365', 
    
    'options': {
      // depending on the strategy, you will need a set of credentials to authenticate  
      // your app against the directory (office365 and google apps use this) 
      'tenant_domain': 'bigcompany.com or bicompany.onmicrosoft.com'
    };
 
api.createConnection(myNewConnection, function (errconnection) {
  //..... 
});

Because this example uses Office 365, the returned connection object will have a provisioning_ticket_url field to which you have to redirect the client in order to complete the authorization process.

This method returns a single user, referenced by its ID.

api.getUser("long-20-byte-id", function(erruser) {
  // user is a user! error might be an error! 
});

This method returns an array of users and their full user objects, including metadata. Metadata cannot be searched on as of time of writing (2/26/15).

api.getUserBySearch('email: "someuseremail@gmail.com"', function(errusers) {
  // returns an array of user objects if there is no error 
});

This method returns a list of users.

If connection name is passed on the options, it will search the users on the directory of the connection. Suppose it is a Windows Azure Active Directory connection it will fetch all the users from the directory. If the connection doesn't have a directory or it is a Social connection like Google Auth 2 it will return all the users that have logged in to your application at least once.

The amount of items per page is optional (defaults to 100) and it is not supported for all directories, eg: connections using Google Apps ignores this argument and uses 100.

api.getUsers({connection: 'a-waad-connection'}, function (errresult) {
  //result is an array with the user objects 
});

The callback has the common signature for node.js method [err, result] where result is an array of users with an special hidden property called nextPageLink. These links are safe to be shared since they will work for a short period of time and have an special signature that make them safe.

Although you can do a simple GET to that link to fetch the next page, you can use the library as well:

api.getUsers({connection: 'a-waad-connection'}, function (errfirstPageOfResults) {
  api.getUsers({page: firstPageOfResults.nextPageLink}, function (errsecondPageOfResults) {
  });
});

The same than getUsers but this method returns users for all social connections, ie: not enterprise connections.

Returns the impersonation link:

api.impersonateUser('github|123', {
  protocol: 'oauth2',
  impersonator_id: 'gonto',
  client_id: 'client',
  additionalParameters: {
    response_type: 'code'
  }
}, function (errresult){
  //..... 
});

Check it on the API Explorer;

Retrieves an Access Token to make direct HTTP calls to Auth0 API.

 
api.getAccessToken(function (errtoken) {
  if (err) {
    console.log('Error fetching token: ' + err);
    return;
  }
 
  // Do something with token 
  ...
});
 

Creates a new user. userData is an object that must contain the following mandatory fields:

  • email: User's email
  • password: User's password
  • connection: The name of the connection where to create the user.

Also, custom fields can be added with more information about the user.

var newUser = {
  email:          'john@doe.com',
  password:       'somepass',
  connection:     'mydb',
 
  /* custom field */
  favoriteColor:  'red'
};
api.createUser(newUser, function (erruserInfo) {
  if (err) {
    console.log('Error creating user: ' + err);
    return;
  }
 
  console.log('User favorite color: ' + userInfo.favoriteColor);
});

This method updates the email field of an user identified by userId. When verify boolean flag is on it sends an email to the affected user to confirm the change.

api.updateUserEmail("my-user-id", "john.new.email@foo.com", false, function (errresult) {
  if (err) {
    console.log('Error updating email: ', + err);
    return;
  }
  console.log(result);
});

This method updates the user password of an user identified by userId. When verify boolean flag is on it sends an email to the affected user to confirm the change.

api.updateUserPassword("my-user-id", "johnthisisyournewpassword!shhh", false, function (errresult) {
  if (err) {
    console.log('Error updating password: ', + err);
    return;
  }
  console.log(result);
});

Note: Result is not the password but a string with a success message.

This method retrieves the metadata for a user. metadata is an object that includes custom fields for the user referenced by userId.

api.getUserMetadata("a-user-id", function(errmetadata) {
  // returns error if there was a problem, otherwise the user's metadata 
});

This method updates the metadata for a user. metadata is an object, and the fields in that object will be set on the user referenced by userId. Note: the entire metadata object is replaced with this method. To update select fields, use the patchUserMetadata method.

api.updateUserMetadata("a-user-id", {my_special_data: {a: "b", c: "d"}}, function(err) {
  // if there was a problem, err will be non-null 
});

This method patches the metadata for a user. metadata is an object, and only the fields included in the patch will be updated for the user referenced by userId.

api.patchUserMetadata("a-user-id", {my_special_data: {a: "e"}}, function(err) {
  // if there was a problem, err will be non-null 
});

This method removes a user by ID. Be careful!

api.deleteUser("i-dont-like-this-guy", function(err) {
  // yep, err will be truthy if there was a problem 
});
api.getConnection('my-connection', function (errconnection) {
  //..... 
});
api.getStrategies(function (errstrategies) {
  //..... 
});
api.deleteTenant(name, function (err) {
  //..... 
});
api.createClient(client, function (errnewClient) {
  //..... 
});
api.updateClient(client, function (err) {
  //..... 
});
api.deleteClient(clientID, function (err) {
  //..... 
});

Returns a list of all the tenant's clients.

api.getClients(function (errclients) {
  //..... 
});

Returns client by clientID.

api.getClients(clientID, function (errclient) {
  //..... 
});

Returns a list of all the user's clients.

api.getClientsByUserId(userId, function (errclients) {
  //..... 
});

Creates a new transformation Rule

var rule = {
  name: "A rule",
  status: true,
  script: "function(user, context, done) {}"
};
 
api.createRule(rule, function (errrule) {
  //..... 
});

Returns a specific transformaion rule

api.getRule(ruleName, function (errrule) {
  //..... 
});

Returns a specific transformaion rule

api.deleteRule(ruleName, function (err) {
  //..... 
});

Updates an existing rule

api.updateRule(rule, function (errrule) {
  //..... 
});

Gets a profile using an user Access Token. For instance, an user access token is returned (together with the id token) by the /ro end point.

 
var options = {domain: 'my-domain.auth0.com', userAccessToken: 'XXXXXX'};
 
Auth0.getUserInfo(options, function (errprofile) {
  if (err) { throw err; }
 
  // Use user profile here 
});

This library is useful to consume the rest api of auth0, in order to authenticate users you can use the passport strategy.

A complete example of using this library here.

For more information about auth0 contact our documentation page.

Auth0 helps you to:

  • Add authentication with multiple authentication sources, either social like Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, amont others, or enterprise identity systems like Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider.
  • Add authentication through more traditional username/password databases.
  • Add support for linking different user accounts with the same user.
  • Support for generating signed Json Web Tokens to call your APIs and flow the user identity securely.
  • Analytics of how, when and where users are logging in.
  • Pull data from other sources and add it to the user profile, through JavaScript rules.
  1. Go to Auth0 and click Sign Up.
  2. Use Google, GitHub or Microsoft Account to login.

If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

Auth0

This project is licensed under the MIT license. See the LICENSE file for more info.