Auth0 Design

Features and Benefits

Auth0 provides the following desirable features:

  • Works with Ionic apps
  • Passes back and forth an opaque and short-lived access token, unique for each user and session.
  • Provides Social Logins. (There is a limit of two, but Google and Facebook are good entry points).
  • Password-less authentication via email (text is another option)
  • Infrastructure and support for
    • handling multiple apps
    • logging attempts and failures

Options that might be interesting:

  • There's an option for SSO - when using the Auth0 hosted "registration" page
  • Arbitrary JavaScript can be run when a user logs in:


Also see Registration Design.

Implementation Details

  • Auth0 supplies an Angular example, but for technical reasons, we needed an Ionic 3 example: Auth0 with Ionic 3. Currently, we're using Auth0 with Ionic 4.
  • Adding Auth0 to Ionic 4 App covers the approach for Ionic Multi-App.
  • Module sharing for Ionic 3 has been implemented using the Front End Common project (see Module Sharing Ionic2 — also appropriate for Ionic 3). The Multi-App approach is used for Ionic 4.
  • TODO: Fit this into the workflow I've established so far (registration-design)
  • Access Token is used for a session; can be used to retrieve User Info on the server.
  • When registering the app, you can be issued a "Refresh" token. This token can be used to obtain another short-lived Access token. The "Refresh" token needs to be securely stored and revokable.
  • Testing Auth0 - Including how to get the Cordova (native library) pieces involved.

Other potential considerations:

  • Customizing the Auth0 Login Page: what are the options available?
  • SSO is a future option.

Choices for Identifying yourself

Taken from this page:

  • If a `connection` query param is included, the initial screen is bypassed and you go straight to that connection.

Information Available from Auth0

    const options = {
      scope: 'openid profile email offline_access'

From Google

payload.given_name: Jett
payload.family_name: Marks
payload.nickname: jettmarks Jett Marks
payload.gender: male
payload.locale: en
payload.updated_at: 2018-01-08T21:24:04.748Z
payload.email_verified: true
payload.sub: google-oauth2|<digits>
payload.aud: <hash>
payload.iat: 1515446645
payload.exp: 1515482645
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License