Protected _assertProtected _assertawait auth0.checkSession();
Check if the user is logged in using getTokenSilently. The difference
with getTokenSilently is that this doesn't return a token, but it will
@@ -33,19 +33,19 @@
means that checkSession could silently return without authenticating the user on page refresh when
using a private tab, despite having previously logged in. As a workaround, use getTokenSilently instead
and handle the possible login_required error as shown in the readme.
Optional options: GetTokenSilentlyOptionsInitiates a redirect to connect the user's account with a specified connection. +
Optional options: GetTokenSilentlyOptionsInitiates a redirect to connect the user's account with a specified connection. This method generates PKCE parameters, creates a transaction, and redirects to the /connect endpoint.
You must enable Offline Access from the Connection Permissions settings to be able to use the connection with Connected Accounts.
Options for the connect account redirect flow.
Resolves when the redirect is initiated.
If the connect request to the My Account API fails.
-Returns a new Fetcher class that will contain a fetchWithAuth() method.
This is a drop-in replacement for the Fetch API's fetch() method, but will
handle certain authentication logic for you, like building the proper auth
headers or managing DPoP nonces and retries automatically.
Check the EXAMPLES.md file for a deeper look into this method.
Exchanges an external subject token for an Auth0 token via a token exchange request.
+Exchanges an external subject token for an Auth0 token via a token exchange request.
The options required to perform the token exchange.
A promise that resolves to the token endpoint response, which contains the issued Auth0 tokens.
@@ -65,41 +65,41 @@Example Usage:
// Define the token exchange options
const options: CustomTokenExchangeOptions = {
subject_token: 'eyJhbGciOiJIUzI1NiIsInR5cCI6Ikp...',
subject_token_type: 'urn:acme:legacy-system-token',
scope: "openid profile",
organization: "org_12345"
};
// Exchange the external token for Auth0 tokens
try {
const tokenResponse = await instance.exchangeToken(options);
// Use tokenResponse.access_token, tokenResponse.id_token, etc.
// The organization ID will be present in the access token payload
} catch (error) {
// Handle token exchange error
}
Returns a string to be used to demonstrate possession of the private +
Returns a string to be used to demonstrate possession of the private key used to cryptographically bind access tokens with DPoP.
It requires enabling the Auth0ClientOptions.useDpop option.
-Optional nonce?: stringReturns the current DPoP nonce used for making requests to Auth0.
It can return undefined because when starting fresh it will not
be populated until after the first response from the server.
It requires enabling the Auth0ClientOptions.useDpop option.
Optional id: stringThe identifier of a nonce: if absent, it will get the nonce used for requests to Auth0. Otherwise, it will be used to select a specific non-Auth0 nonce.
-const claims = await auth0.getIdTokenClaims();
+Fetches a new access token and returns the response from the /oauth/token endpoint, omitting the refresh token.
-Fetches a new access token and returns it.
-Optional options: GetTokenSilentlyOptionsconst token = await auth0.getTokenWithPopup(options);
+Fetches a new access token and returns the response from the /oauth/token endpoint, omitting the refresh token.
+Fetches a new access token and returns it.
+Optional options: GetTokenSilentlyOptionsconst token = await auth0.getTokenWithPopup(options);
Opens a popup with the /authorize URL using the parameters
provided as arguments. Random and secure state and nonce
parameters will be auto-generated. If the response is successful,
results will be valid according to their expiration times.
const user = await auth0.getUser();
+After the browser redirects back to the callback page, +
After the browser redirects back to the callback page,
call handleRedirectCallback to handle success and error
responses from Auth0. If the response is successful, results
will be valid according to their expiration times.
const isAuthenticated = await auth0.isAuthenticated();
+try {
await auth0.loginWithPopup(options);
} catch(e) {
if (e instanceof PopupCancelledError) {
// Popup was closed before login completed
}
}
Opens a popup with the /authorize URL using the parameters
provided as arguments. Random and secure state and nonce
@@ -108,21 +108,21 @@
IMPORTANT: This method has to be called from an event handler that was started by the user like a button click, for example, otherwise the popup will be blocked in most browsers.
-Optional options: PopupLoginOptionsOptional config: PopupConfigOptionsawait auth0.loginWithRedirect(options);
+Optional options: PopupLoginOptionsOptional config: PopupConfigOptionsawait auth0.loginWithRedirect(options);
Performs a redirect to /authorize using the parameters
provided as arguments. Random and secure state and nonce
parameters will be auto-generated.
await auth0.logout(options);
+await auth0.logout(options);
Clears the application session and performs a redirect to /v2/logout, using
the parameters provided as arguments, to clear the Auth0 session.
If the federated option is specified it also clears the Identity Provider session.
Read more about how Logout works at Auth0.
Sets the current DPoP nonce used for making requests to Auth0.
+Sets the current DPoP nonce used for making requests to Auth0.
It requires enabling the Auth0ClientOptions.useDpop option.
The nonce value.
Optional id: stringThe identifier of a nonce: if absent, it will set the nonce used for requests to Auth0. Otherwise, it will be used to select a specific non-Auth0 nonce.
-
Auth0 SDK for Single Page Applications using Authorization Code Grant Flow with PKCE.
-