Extensibility Points
If you want to extend Auth0, we highly recommend you use Actions, which are a cornerstone of our overall extensibility product. With Actions, you have access to rich type information, inline documentation, and public npm packages, and can connect external integrations that enhance your overall extensibility experience. To learn more about what Actions offer, read Understand How Auth0 Actions Work.
Extensibility points are places in the Auth0 platform where Hooks can be executed. To learn more about Hooks, see Auth0 Hooks.
Whether Hooks can be used with connections varies according to extensibility point. Hooks that can be used with connections only work with database and passwordless connections. To learn more, read Database Connections and Passwordless Connections.
Extensibility points can also block processes from executing. Synchronous extensibility points are blocking, which means they execute the hook as part of the trigger's process and will prevent that process from executing until the Hook is complete. Asynchronous extensibility points do not wait for the Hook to finish its execution before proceeding.
The following extensibility points are available:
| Extensibility Point | Trigger ID | Connection Type(s) | Blocking? | Description |
|---|---|---|---|---|
| Client Credentials Exchange | credentials-exchange |
N/A | Yes | Extend machine-to-machine token exchanges. Prevent a token exchange or change the scopes and add custom claims to access tokens issued by the Auth0 API's POST /oauth/token endpoint. |
| Pre-User Registration | pre-user-registration |
Database, Passwordless | Yes | Prevent user creation or registration, or add custom metadata to a newly-created user. |
| Post-User Registration | post-user-registration |
Database, Passwordless | No | Implement custom actions from the Auth0 authentication process after a new user is created or registers and is added to the database. |
| Post-Change Password | post-change-password |
Database | No | Implement custom actions to be executed after a successful user password change. |
| Send Phone Message | send-phone-message |
N/A | Yes | Implement a custom SMS provider to deliver MFA one-time-use codes. |