Configuration


Last updated 2 years ago


To set up Auth0 in the backend, you need the following Auth0 environment variables, and you need to add the user's email to the access token.

AUTH0_DOMAIN=your_domain
AUTH0_CLIENT_ID=your_client_id
AUTH0_CLIENT_SECRET=your_client_secret
AUTH0_AUDIENCE=your_audience

Domain

To get the domain, go to the API section found under the Applications tab on the Auth0 dashboard and create a new API.

This creates the API and an application of type Machine to Machine (M2M).

Once done, open the application that was automatically created, copy the domain and paste it into the environment variables.

Management Client ID and Management Client Secret

By default, Auth0 provides an API and an application called "Auth0 Management API". This lets you do everything you can do on the dashboard, but through an API.

To use it, you have to get the keys and activate some permissions.

To get the keys, open the "Auth0 Management API" application found in the Applications section.

There you will see the Client ID and the Client Secret. Copy both and paste them into the environment variables.

You will also need to activate some permissions to use certain functionality, such as the "Send verification email" endpoint.

For that, go to Applications > APIs section > Auth0 Management API > Machine To Machine Applications > Auth0 Management API (Test Application), and activate the "update:users" permission.

Management Audience

You can copy the Auth0 Management API audience in the APIs section.

Adding the email to the access token

When a user calls the /auth/register endpoint, the API reads the user's email from the access token and saves it to the database. By default, however, the email is not included in the Auth0 access token.

To add it, we need to create an Auth0 action flow. For that, go to the Auth0 actions library and create an action with the "Build Custom" button.

Once done, a modal should appear. Fill in every field as shown in the image:

Open the custom action, paste this code and press deploy.

Replace the value of namespaces with your own tenant.

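// Post-login Action: runs after each successful login, before tokens are issued.
exports.onExecutePostLogin = async (event, api) => {
  // Prefix for the namespaced roles claim; replace with your tenant.
  const namespaces = "https://test-roles.us.auth0.com";

  // Only add claims when authorization data and an email are present.
  if (event.authorization && event.user.email) {
    // Email read by the backend's /auth/register endpoint.
    api.accessToken.setCustomClaim("email", event.user.email);
    // Roles, under both a plain and a namespaced claim name.
    api.accessToken.setCustomClaim(`userRoles`, event.authorization.roles);
    api.accessToken.setCustomClaim(`${namespaces}/roles`, event.authorization.roles);
  }
};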

Now you just need to add your custom action to a flow. For that, go to the flows section and choose "Login".

Then drag the custom action to the flow.
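
The effect of this Action on the backend, as an added example that is not part of the original page or the Linker Studio code base: the Action's logic runs against a mock `api` object, and a hypothetical helper `emailFromVerifiedClaims` applies the issuer, audience, expiry and email checks a /auth/register handler needs once a JWT library has verified the token signature. `mockApi`, `simulateAccessTokenClaims`, `registerResult` and all sample values are constructed for illustration.

```javascript
// Added example, not Linker Studio code. All sample values are constructed.

// The Action's logic from this page as a plain synchronous function, so it runs locally.
function onExecutePostLogin(event, api) {
  const namespaces = "https://test-roles.us.auth0.com";
  if (event.authorization && event.user.email) {
    api.accessToken.setCustomClaim("email", event.user.email);
    api.accessToken.setCustomClaim("userRoles", event.authorization.roles);
    api.accessToken.setCustomClaim(`${namespaces}/roles`, event.authorization.roles);
  }
}

// Stand-in for Auth0's `api` object: records the claims the Action sets.
function mockApi(claims) {
  return { accessToken: { setCustomClaim: (name, value) => { claims[name] = value; } } };
}

// Payload a login would produce: constructed standard claims plus
// whatever the Action adds for this event.
function simulateAccessTokenClaims(event, cfg, nowSec) {
  const claims = { iss: `https://${cfg.domain}/`, aud: [cfg.audience], exp: nowSec + 3600 };
  onExecutePostLogin(event, mockApi(claims));
  return claims;
}

// Hypothetical helper for /auth/register: claim checks applied AFTER a JWT
// library has verified the token signature against the tenant's signing keys.
function emailFromVerifiedClaims(claims, cfg, nowSec) {
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (claims.iss !== `https://${cfg.domain}/`) throw new Error("unexpected issuer");
  if (!aud.includes(cfg.audience)) throw new Error("unexpected audience");
  if (typeof claims.exp !== "number" || claims.exp <= nowSec) throw new Error("token expired");
  if (typeof claims.email !== "string" || claims.email === "") {
    throw new Error("email claim missing"); // Action not deployed, or user has no email
  }
  return claims.email;
}

// Constructed configuration and login events.
const cfg = { domain: "your_domain", audience: "your_audience" };
const now = 1700000000;
const withEmail = { user: { email: "user@example.com" }, authorization: { roles: ["customer"] } };
const noEmail = { user: {}, authorization: { roles: [] } };

// Returns the email to store, or the reason registration is refused.
function registerResult(event) {
  try { return emailFromVerifiedClaims(simulateAccessTokenClaims(event, cfg, now), cfg, now); }
  catch (err) { return `rejected: ${err.message}`; }
}
```

A token that reaches /auth/register without the email claim is refused instead of producing a user row with an empty email.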

Figure captions: API created (found in API section); Application created (found in application section); Auth0 Management API; Auth0 Management API Permissions; Auth0 Actions Dashboard; Auth0 Action Modal; Auth0 Flows; Auth0 Login Flow.