auth0

Client library for the Auth0 platform

Node.js client library for the Auth0 platform.

npm install auth0

Initialize your client class with the credentials in the settings section of the dashboard.

var Auth0 = require('auth0');
 
var api = new Auth0({
  domain:       'yourdomain.auth0.com',
  clientID:     'your-client-id',
  clientSecret: 'your-client-secret'
});

Return a list of all the connections in your application:

api.getConnections(function (errconnections){
  //..... 
});

Additionally there is a getSocialConnections and getEnterpriseConnections.

Let's say one of your customers wants to use its own directory to authenticate to your app. You will have to create a connection in Auth0 for this customer and if you want to automate that for N customers, you will want to use the API. Typically, you will ask the customer domain name and depending on the directory you are connecting to, some metadata. Together with other information, like the attributes your app needs, a set of credentials, etc. you can call the API.

var myNewConnection =  {
    //a friendly name to identify the connection 
    'name': 'thesuperstore-connection',
 
    //this is the strategy: office365, google-apps, adfs 
    'strategy': 'office365', 
    
    'options': {
      // depending on the strategy, you will need a set of credentials to authenticate  
      // your app against the directory (office365 and google apps use this) 
      'tenant_domain': 'bigcompany.com or bicompany.onmicrosoft.com'
    };
 
api.createConnection(myNewConnection, function (errconnection) {
  //..... 
});

Because this example uses Office 365, the returned connection object will have a provisioning_ticket_url field to which you have to redirect the client in order to complete the authorization process.

This method returns a single user, referenced by its ID.

api.getUser("long-20-byte-id", function(erruser) {
  // user is a user! error might be an error! 
});

This method returns a list of users.

If connection name is passed on the options, it will search the users on the directory of the connection. Suppose it is a Windows Azure Active Directory connection it will fetch all the users from the directory. If the connection doesn't have a directory or it is a Social connection like Google Auth 2 it will return all the users that have logged in to your application at least once.

The amount of items per page is optional (defaults to 100) and it is not supported for all directories, eg: connections using Google Apps ignores this argument and uses 100.

api.getUsers({connection: 'a-waad-connection'}, function (errresult) {
  //result is an array with the user objects 
});

The callback has the common signature for node.js method [err, result] where result is an array of users with an special hidden property called nextPageLink. These links are safe to be shared since they will work for a short period of time and have an special signature that make them safe.

Although you can do a simple GET to that link to fetch the next page, you can use the library as well:

api.getUsers({connection: 'a-waad-connection'}, function (errfirstPageOfResults) {
  api.getUsers({page: firstPageOfResults.nextPageLink}, function (errsecondPageOfResults) {
  });
});

The same than getUsers but this method returns users for all social connections, ie: not enterprise connections.

Returns the impersonation link:

api.impersonateUser('github|123', {
  protocol: 'oauth2',
  impersonator_id: 'gonto',
  client_id: 'client',
  additionalParameters: {
    response_type: 'code'
  }
}, function (errresult){
  //..... 
});

Check it on the API Explorer;

Retrieves an Access Token to make direct HTTP calls to Auth0 API.

 
api.getAccessToken(function (errtoken) {
  if (err) {
    console.log('Error fetching token: ' + err);
    return;
  }
 
  // Do something with token 
  ...
});
 

Creates a new user. userData is an object that must contain the following mandatory fields:

  • email: User's email
  • password: User's password
  • connection: The name of the connection where to create the user.

Also, custom fields can be added with more information about the user.

var newUser = {
  email:          'john@doe.com',
  password:       'somepass',
  connection:     'mydb',
 
  /* custom field */
  favoriteColor:  'red'
};
api.createUser(newUser, function (erruserInfo) {
  if (err) {
    console.log('Error creating user: ' + err);
    return;
  }
 
  console.log('User favorite color: ' + userInfo.favoriteColor);
});

This method updates the email field of an user identified by userId. When verify boolean flag is on it sends an email to the affected user to confirm the change.

api.updateUserEmail("my-user-id", "john.new.email@foo.com", false, function (errresult) {
  if (err) {
    console.log('Error updating email: ', + err);
    return;
  }
  console.log(result);
});

This method updates the user password of an user identified by userId. When verify boolean flag is on it sends an email to the affected user to confirm the change.

api.updateUserPassword("my-user-id", "johnthisisyournewpassword!shhh", false, function (errresult) {
  if (err) {
    console.log('Error updating password: ', + err);
    return;
  }
  console.log(result);
});

Note: Result is not the password but a string with a success message.

This method retrieves the metadata for a user. metadata is an object that includes custom fields for the user referenced by userId.

api.getUserMetadata("a-user-id", function(errmetadata) {
  // returns error if there was a problem, otherwise the user's metadata 
});

This method updates the metadata for a user. metadata is an object, and the fields in that object will be set on the user referenced by userId. Note: the entire metadata object is replaced with this method. To update select fields, use the patchUserMetadata method.

api.updateUserMetadata("a-user-id", {my_special_data: {a: "b", c: "d"}}, function(err) {
  // if there was a problem, err will be non-null 
});

This method patches the metadata for a user. metadata is an object, and only the fields included in the patch will be updated for the user referenced by userId.

api.patchUserMetadata("a-user-id", {my_special_data: {a: "e"}}, function(err) {
  // if there was a problem, err will be non-null 
});

This method removes a user by ID. Be careful!

api.deleteUser("i-dont-like-this-guy", function(err) {
  // yep, err will be truthy if there was a problem 
});
api.getConnection('my-connection', function (errconnection) {
  //..... 
});
api.getStrategies(function (errstrategies) {
  //..... 
});
api.deleteTenant(name, function (err) {
  //..... 
});
api.createClient(client, function (errnewClient) {
  //..... 
});
api.updateClient(client, function (err) {
  //..... 
});
api.deleteClient(clientID, function (err) {
  //..... 
});

Returns a list of all the tenant's clients.

api.getClients(function (errclients) {
  //..... 
});

Returns client by clientID.

api.getClients(clientID, function (errclient) {
  //..... 
});

Returns a list of all the user's clients.

api.getClientsByUserId(userId, function (errclients) {
  //..... 
});

Creates a new transformation Rule

var rule = {
  name: "A rule",
  status: true,
  script: "function(user, context, done) {}"
};
 
api.createRule(rule, function (errrule) {
  //..... 
});

Returns a specific transformaion rule

api.getRule(ruleName, function (errrule) {
  //..... 
});

Returns a specific transformaion rule

api.deleteRule(ruleName, function (err) {
  //..... 
});

Updates an existing rule

api.updateRule(rule, function (errrule) {
  //..... 
});

Gets a profile using an user Access Token. For instance, an user access token is returned (together with the id token) by the /ro end point.

 
var options = {domain: 'my-domain.auth0.com', userAccessToken: 'XXXXXX'};
 
Auth0.getUserInfo(options, function (errprofile) {
  if (err) { throw err; }
 
  // Use user profile here 
});

This library is useful to consume the rest api of auth0, in order to authenticate users you can use the passport strategy.

A complete example of using this library here.

For more information about auth0 contact our documentation page.

This client library is MIT licensed.