Whats the best way to integrate auth0 into a Wappler project?

Has anyone figured out how to integrate auth0 into there project. I spend 2day trying a lot of different things base on my knowledge and following the auth0 documentation but just couldn’t figure out how to make .env file do what it supposed to.

How do you all call the .env variables into a app.js file or how should I handle these two files when requiring the .env into the app.js

Why do you need auth0 in first place? What is your use case?

1 Like

I believe you can use them as an oauth2 provider within Wappler. Check their api to find out the endpoints. (https://YOUR_DOMAIN/authorize and https://YOUR_DOMAIN/oauth/token)

Sure thing George. So I have experimented with a few credential systems, this includes building one of my own + Google Firebase authentication. But in the end auth0 is proven to be easiest to implement and provide a lot of Identity and Access Management (IAM) across all your webapp.

Basically you let auth0 manage the IAM security for you, they offer social login, Federated Identity, Single Sign On (SSO), Enterprise Federation, biometric for fingerprints and face sign in.

In my use case I want to use auth0 to manage a flow where if a customer sign up on my platform in this case auth0 is handling the sign up/sign in for my webapp. Here, the user signs up if they have on account, they are then redirected to the given dashboard base on the redirect route I set in auth0.

But what the user didn’t see is the machine to machine flow.

Because on that initial sign up I also used the auth0 API to create a stripe customer account using Stripe API and I then call the Stripe API to get the customer ID and save it back to my auth0 database as meta data.

This way, once I am using Stripe as my payment gateways and that user now wants to purchase a product from there dashboard they already have a customer ID and on check out get their info auto populate (email) with their Stripe info that is now in both auth0 and Stripe.

This is all done while using auth0 as a source of truth for my system + auth0 allow migration of user credentials from a database to the auth0 database this way person can use their same credentials from your old sign up systems to the new auth0 system without user having to reset password and do all things that comes with user migration.

Auth0 is basically your one stop shop and buy for a password system, Auth0 do it so you don’t have to worry about all the pain that comes with building your own which we all know be a real issue for clients and us developer if we don’t get it right.

I will test this out today and see if it solves my problem I haven’t played with Oauth yet In wappler because I have be busy using Google Firebase authentication as way of managing social logins.

But in the meantime come this way: @mebeingken @ben @psweb @Teodor all the big gunners I need help with this if any of you guys ever played with auth0 in Wappler.

1 Like

Hi @bradbrd992, I’m wondering if you had any luck here. I am trying to use Auth0 as well and I set it up in the Oauth area of Wappler, but I’m pretty new to Wappler and not sure how to pass the returned token along with an API call. I’m actually not sure how to test this if the connection to Auth0 is working at all. Any help would be much appreciated.

Hey @dayekaye sorry for the late reply. I have been under the weather for two plus weeks and I am not sure what’s going on with my health. I have been getting major headaches and body aches. With that said, as I try to type this reply I am in a lot of aches. So, basically while I would love to walk you through some of the Pros and Cons it’s seeming very unlikely at this point given my current health. First Wappler has made a lot of updates since I last made this query and since then I haven’t really gotten to try reimplementing auth0. In the meanwhile here are some readings you can read through to get a better idea of how to navigate the implementation.

**auth0 regular website Add Login Using the Authorization Code Flow

**auth0 Call Your API Using the Authorization Code Flow

**OAuth 2.0 defines four flows to get an access token for auth0

I hope you have made some headway since you last reached out or got some help from the Wappler Team.

I also did create a Feature Request for vote, for Wappler to add auth0 so much so, as they did for Stripe. If you want to vote on it here is the link Please Please Integrate Auth0 In Wappler for Node.js - Feature Request - Wappler Community

Good luck and I will try to circle back once I am feeling better.

Thanks so much for responding, considering your health @bradbrd992.
I was able to work with another community member to get Auth0 working for my site!
I was able to accomplish this in my Global Steps by

  1. Connecting an Auth0 provider - I had set this up in my Workflow tab as an OAuth2 Custom Provider. Nothing too special needs to be done here.
  2. Adding an Auth0 Authorize that used the Provider from step 1. On this step, I had to add to the scope field: “openid profile email”. I also had to add my audience parameter here.
  3. Finally I Used a Set Cookie step and used the Auth0.access_token value so I could use my Browsers inspector to retrieve the access token. This made testing the validity of the token much easier. I assume you would want a more secure way of doing this in a production environment.

From my index.ejs page I was able to add an API Action that used a Cookie Manager component as its reference to the access_token I stored in my Global Steps.

Huge thanks to @spearstone for helping me with this.
Hope this thread can help someone in the future.

1 Like

I am happy you got some help and happy you got it to work. Wappler is a great product for this development indeed. I hope someday the Wappler team will have some time to integrate the auth0 library because that would make it easy to implement auth0 in each project