Auth0 allows you to add authentication to almost any application type quickly. This guide demonstrates how to integrate Auth0, add user login, logout, and profile to a Node.js Express application using the Express OpenID Connect SDK.
To use Auth0 services, you’ll need to have an application set up in the Auth0 Dashboard. The Auth0 application is where you will configure how you want authentication to work for the project you are developing.
Use the interactive selector to create a new Auth0 application or select an existing application that represents the project you want to integrate with. Every application in Auth0 is assigned an alphanumeric, unique client ID that your application code will use to call Auth0 APIs through the SDK.
Any settings you configure using this quickstart will automatically update for your Application in the Dashboard, which is where you can manage your Applications in the future.
If you would rather explore a complete configuration, you can view a sample application instead.
A callback URL is a URL in your application that you would like Auth0 to redirect users to after they have authenticated. If not set, users will not be returned to your application after they log in.
A logout URL is a URL in your application that you would like Auth0 to redirect users to after they have logged out. If not set, users will not be able to log out from your application and will receive an error.
Your application will need the express-openid-connect package, which is an Auth0-maintained OIDC-compliant SDK for Express.
Install the Express OpenID Connect SDK by running the following commands in your terminal:
cd <your-project-directory>
npm install express-openid-connect
The Express OpenID Connect library provides the auth router to attach authentication routes to your application. You will need to configure the router with the following configuration keys:
- authRequired: Controls whether authentication is required for all routes
- auth0Logout: Uses Auth0 logout feature
- baseURL: The URL where the application is served
- secret: A long, random string
- issuerBaseURL: The Domain as a secure URL found in your Application settings
- clientID: The Client ID found in your Application settings
For additional configuration options visit the API documentation.
A user can now log into your application by visiting the /login route provided by the library. If you are running your project on localhost:3000, that link would be http://localhost:3000/login.
To display the user's profile, your application should provide a protected route.
Add the requiresAuth middleware for routes that require authentication. Any route using this middleware will check for a valid user session and, if one does not exist, it will redirect the user to log in.
A user can log out of your application by visiting the /logout route provided by the library. If you are running your project on localhost:3000, that link would be http://localhost:3000/logout.
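The configuration, login, profile and logout steps above can be combined as follows. This is an added example, not code from the original guide or from Auth0: the environment variable names, the 32-character minimum for the secret, the https check on baseURL and the choice of authRequired: false are assumptions made here.

```javascript
// Added example, not Auth0's code. MIN_SECRET_LENGTH and the environment
// variable names are assumptions made for this sketch.
const MIN_SECRET_LENGTH = 32;
const LOCAL_HOSTS = ['localhost', '127.0.0.1'];

function parseUrl(value) {
  try { return new URL(value); } catch { return null; }
}

// Build the options object for auth() and fail fast on weak or missing values.
function buildAuthConfig(env) {
  const errors = [];
  for (const name of ['SECRET', 'BASE_URL', 'ISSUER_BASE_URL', 'CLIENT_ID']) {
    if (!env[name]) errors.push(`${name} is not set`);
  }
  if (env.SECRET && env.SECRET.length < MIN_SECRET_LENGTH) {
    errors.push(`SECRET must be at least ${MIN_SECRET_LENGTH} characters`);
  }
  const issuer = parseUrl(env.ISSUER_BASE_URL);
  if (env.ISSUER_BASE_URL && (!issuer || issuer.protocol !== 'https:')) {
    errors.push('ISSUER_BASE_URL must be an https:// URL');
  }
  const base = parseUrl(env.BASE_URL);
  if (env.BASE_URL && !base) {
    errors.push('BASE_URL is not a valid URL');
  } else if (base && base.protocol !== 'https:' && !LOCAL_HOSTS.includes(base.hostname)) {
    errors.push('BASE_URL must use https outside local development');
  }
  if (errors.length) throw new Error(`Invalid auth configuration: ${errors.join('; ')}`);
  return {
    authRequired: false, // only routes wrapped in requiresAuth() demand a session
    auth0Logout: true,
    secret: env.SECRET,
    baseURL: env.BASE_URL.replace(/\/+$/, ''), // drop trailing slash
    issuerBaseURL: env.ISSUER_BASE_URL,
    clientID: env.CLIENT_ID,
  };
}

// Wire the SDK into Express; modules load lazily so buildAuthConfig runs alone.
function createApp(config) {
  const express = require('express');
  const { auth, requiresAuth } = require('express-openid-connect');
  const app = express();
  app.use(auth(config)); // attaches /login, /logout and the callback route
  app.get('/', (req, res) => res.send(req.oidc.isAuthenticated() ? 'Logged in' : 'Logged out'));
  app.get('/profile', requiresAuth(), (req, res) => res.json(req.oidc.user));
  return app;
}
// Usage: createApp(buildAuthConfig(process.env)).listen(3000);
```

Keeping the secret and client settings in the environment rather than in source keeps them out of version control, and failing at startup surfaces a short secret or a non-https issuer before any session cookie is issued.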
Excellent work! If you made it this far, you should now have login, logout, and user profile information running in your application.
This concludes our quickstart tutorial, but there is so much more to explore. To learn more about what you can do with Auth0, check out: