Auth0 Provider and Strapi Tutorial

Software applications need a way to identify users, store user data uniquely and serve these data to the right user at the right time. This process birthed authentication and authorization in software development. Almost every application today has an authentication flow and if you look closely, you will notice the similarity in the flow of authentication across different applications.


This is a companion discussion topic for the original entry at https://strapi.io/blog/auth0-provider-and-strapi-tutorial-1
1 Like

Thanks for the post :slight_smile:
I’m wondering if strapi provides a logout endpoint that would also trigger the auth0 logout for us

1 Like

yeah I’m also looking for this

I end up doing it manually .

const handleLogout = () => {
  logout();
  window.location.href = config.AUTH0_LOGOUT_URL;
};

Logout Url has this sintax

https://yourAppName.us.auth0.com/v2/logout?client_id=YOUR_AUTH0_CLIENT_ID&returnTo=YOUR_RETURN_URL

on sign up user only created on auth0 but not in strapi users.

hi Bafian are you using Auth0 with you strapi?
i have some questions about it?

I’m seeing the same, I get redirected to my front_end with ?id_token=value but the user does not appear in strapi?

@jahz and @Avinash_Utekar1 I will go through the tutorial and try to figure out what is happening. Will post here once I am done. And of this week or beginning of next.

after redirect you will get id_token and access_token in the redirected url , to create or authenticate user in strapi hit below api with access_token
localhost:1337/api/auth/auth0/callback?access_token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIiwiaXNzIjoiaHR0cHM6Ly9wcmVmbGV0LmV1LmF1dGgwLmNvbS8ifQ…0ip_tzWwu7Xd1ESU.yLAYVuuIl3WRMjifgLnvs6ff5DBKZSSCFvLc1HzLAg6l32UHF-RnkLNinYnfkFK56yaUIu35K9E1nu0mrRg5NS7bMU63p7s8alZsJcHDvkZqKvRKxe-PXxPpcT0vSJXxu4XEVGoLwG86G4aWegT818KZgcWE4oethAwThawSLbH17U0VYZ-VvRX6T8NcuXtNYSLitZoLt8UsK1mVXeWLOtX9N0wdHk6DA2fhLQe1_2MBGuAXQmAtTNhNMMF16meESznjO_B7mQ.H9cd8k5uXanT63i247e6EA

it will create user at strapi side and return bearer token.
for login also do the same

1 Like

The issue was that the redirect for the frontend app url was wrong.

I changed it to http://localhost:3000/connect/auth0/redirect to match my redirect route in the front end app.

          <Route exact path="/connect/:providerName/redirect" component={LoginRedirect} />

After that everything started to work as expected.

After logging in, it creates the user.

Hope this helps.


2 Likes

Figured it out already :smiley: forgot to update this thread. Thanks
So yes its exactly everything you guys added above.

In my case, I’m using next js, so I just have to get the id_token from the redirect and make my application do another fetch request to https://mystrapiendpoint/api/auth/auth0/callback?id_token and that would complete the cycle and issue the jwt from strapi that my application could use!

1 Like

Greetings!
Thanks for the tutorial. Btw, I faced with this kind of issue:
Grant: missing session or misconfigured provider

It appears, when Im trying to send the request on

/api/connect/auth0/callback? + tokenQuery

Does anyone know how to fix it? I will be so glad for any advice =)

Thanks for response, but calling this callback url, i have a possibility to pass the strapi role? For example i have user in auth0 with Admin role and when i am logging in with strapi i want to pass admin role if it does not exist.

this solution worked for me