Auth0 Design

Features and Benefits

Pursuing:

  • Password-less authentication via email (text is another option)
  • A couple of social media accounts come for free with Auth0

Options that might be interesting:

  • There's an option for SSO when using the Auth0-hosted "registration" page
  • Arbitrary JavaScript can be run when a user logs in: https://manage.auth0.com/#/rules

Diagram

auth0-design.png

Implementation Details

  • Auth0 supplies an Angular example, but for technical reasons, we need an Ionic 3 example: Auth0 with Ionic 3
  • Module sharing is implemented using the Front End Common project (see Module Sharing Ionic2 — also appropriate for Ionic 3)
  • TODO: Fit this into the workflow I've established so far (Registering your Device)
  • The Access Token is used for a session; it can also be used to retrieve User Info on the server.
  • When registering the app, you can be issued a "Refresh" token. This token can be used to obtain another short-lived Access token. The "Refresh" token needs to be securely stored and revocable.
  • Testing Auth0 - Including how to get the Cordova (native library) pieces involved.

Other potential considerations:

  • Customizing the Auth0 Login Page: what are the options available?
  • SSO is a future option.

Choices for Identifying yourself

Taken from this page: https://auth0.com/docs/hosted-pages/login

  • If a `connection` query param is included, the initial screen is bypassed and you go straight to that connection.

Information Available from Auth0

    const options = {
      scope: 'openid profile email offline_access'
    };

From Google

payload.given_name: Jett
payload.family_name: Marks
payload.nickname: jettmarks
payload.name: Jett Marks
payload.picture: https://lh6.googleusercontent.com/-7JrKyOcbBks/AAAAAAAAAAI/AAAAAAAAABo/GPHHoWYpK7k/photo.jpg
payload.gender: male
payload.locale: en
payload.updated_at: 2018-01-08T21:24:04.748Z
payload.email: jettmarks@gmail.com
payload.email_verified: true
payload.iss: https://clueride.auth0.com/
payload.sub: google-oauth2|<digits>
payload.aud: <hash>
payload.iat: 1515446645
payload.exp: 1515482645
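
The claims listed above are only useful once they have been checked. The following is an added example, not code from this project or from Auth0, of the claim checks a server would apply to a decoded ID token payload like this one. It assumes the token signature has already been verified by a JWT library; the function names, the `CLIENT_ID_PLACEHOLDER` audience, the 60-second clock skew and the sample `sub` and `email` values are assumptions.

```javascript
// Added example: claim checks for a decoded Auth0 ID token payload.
// Assumes the token signature was already verified by a JWT library.
const EXPECTED = {
  issuer: 'https://clueride.auth0.com/', // iss value shown on this page
  audience: 'CLIENT_ID_PLACEHOLDER',     // placeholder; the page elides aud
  clockSkewSec: 60                       // assumed tolerance
};

// Returns a list of problems; an empty list means the claims are acceptable.
function validateIdTokenClaims(payload, nowSec, expected = EXPECTED) {
  const problems = [];
  if (payload.iss !== expected.issuer) problems.push('iss mismatch');
  // aud may be a single string or an array of strings.
  const aud = Array.isArray(payload.aud) ? payload.aud : [payload.aud];
  if (!aud.includes(expected.audience)) problems.push('aud mismatch');
  if (typeof payload.exp !== 'number' || payload.exp + expected.clockSkewSec <= nowSec)
    problems.push('token expired');
  if (typeof payload.iat !== 'number' || payload.iat - expected.clockSkewSec > nowSec)
    problems.push('iat in the future');
  if (typeof payload.sub !== 'string' || payload.sub.length === 0)
    problems.push('sub missing');
  return problems;
}

// Key accounts on sub; use email only when the provider verified it.
function trustedEmail(payload) {
  return payload.email_verified === true && typeof payload.email === 'string'
    ? payload.email : null;
}

// Constructed sample payload; iat/exp are the values from the page.
const samplePayload = {
  iss: 'https://clueride.auth0.com/',
  sub: 'google-oauth2|000000000000',
  aud: 'CLIENT_ID_PLACEHOLDER',
  iat: 1515446645,
  exp: 1515482645,
  email: 'user@example.com',
  email_verified: true
};

console.log(validateIdTokenClaims(samplePayload, 1515450000));
console.log(validateIdTokenClaims({ ...samplePayload, aud: 'other-app' }, 1515490000));
console.log(trustedEmail({ ...samplePayload, email_verified: false }));
```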