Geremia Taglialatela edited this page Aug 25, 2023 · 11 revisions

Prerequisites

An Auth0 account

Create a new Auth0 application

  1. Log in to https://auth0.com/
  2. Click on the top-left menu dropdown -> Create tenant
  3. Fill in Tenant Domain with your app's name (e.g., myicare), select an appropriate Region, and click on Create
  4. Click on Applications -> Applications on the left sidebar to expand the Applications submenu
  5. You should already see a "Default App"; click on its name
  6. Fill in Name with the name of your choice (e.g., My Icare)
  7. Change Application Type to "Regular Web Application"
  8. Fill in Allowed Callback URLs with your application's callback URL (e.g., https://myicare.herokuapp.com/users/auth/auth0/callback)
  9. Fill in Allowed Web Origins with your application's base URL (e.g., https://myicare.herokuapp.com)
  10. Click on Save Changes. We are done!

Add Name to Sign Up Form

  1. Log in to https://auth0.com/
  2. On the left sidebar, choose Branding -> Universal Login
  3. Click on Advanced Options at the bottom of the page
  4. Select the Login tab
  5. Enable Customize Login Page
  6. Add the following at the end of the configuration object in the var lock = assignment:
    defaultADUsernameFromEmailPrefix: false, // This may be the last entry in the default configuration
    additionalSignUpFields: [{
      name: "name",
      storage: "root",
      placeholder: "Name"
    }]
  7. Click on Save Changes

Remove Google integration

By default, Auth0 enables Google integration.

  1. Log in to https://auth0.com/
  2. On the left sidebar, choose Connections -> Social
  3. Click the button with the three dots in the google-oauth2 entry
  4. Confirm by writing google-oauth2

Add Delete User permission (optional)

In Demo mode, we delete profiles on the Auth0 provider for user privacy. You don't want this in a proper OAuth authentication flow, but if you need it, these are the steps to follow:

  1. Log in to https://auth0.com/
  2. On the left sidebar, choose Applications -> APIs
  3. Click on Auth0 Management API
  4. Select the Machine to Machine Applications tab
  5. Switch the setting next to your application's name to Authorized
  6. Enable delete:users permission

Local Development

We suggest creating a separate application for the development environment.

  • Allowed Callback URLs is by default http://localhost:3000/users/auth/auth0/callback
  • Allowed Web Origins is by default http://localhost:3000
  • Store your credentials in config/settings/local.rb or, better, in ENV variables referenced by local.rb
    # Example config/settings/local.rb
    
    SimpleConfig.for :application do
      group :auth0 do
        set :domain, 'EXAMPLE-TENANT.REGION.auth0.com'
        set :client_id, 'EXAMPLE-CLIENT-ID'
        set :client_secret, 'EXAMPLE-CLIENT-SECRET'
      end
    end
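
One way to write local.rb so that it references ENV variables, as suggested above. This is an added example, not the project's own code: the variable names AUTH0_DOMAIN, AUTH0_CLIENT_ID and AUTH0_CLIENT_SECRET and both helper methods are assumptions. It fails fast on missing values or leftover EXAMPLE- placeholders, and derives the callback URL to register, accepting plain http only for localhost.

```ruby
# config/settings/local.rb variant that reads Auth0 credentials from ENV.
# AUTH0_DOMAIN, AUTH0_CLIENT_ID and AUTH0_CLIENT_SECRET are assumed names.
require 'uri'

AUTH0_ENV_KEYS = {
  domain: 'AUTH0_DOMAIN',
  client_id: 'AUTH0_CLIENT_ID',
  client_secret: 'AUTH0_CLIENT_SECRET'
}.freeze

# Reads the three settings from env (ENV or any Hash), raising on missing
# values or on EXAMPLE-* placeholders. Error messages name the variable
# only, so the secret never ends up in logs.
def auth0_settings_from_env(env = ENV)
  settings = AUTH0_ENV_KEYS.transform_values { |name| env[name].to_s.strip }
  bad = settings.select { |_, v| v.empty? || v.start_with?('EXAMPLE-') }
  unless bad.empty?
    names = bad.keys.map { |k| AUTH0_ENV_KEYS[k] }.join(', ')
    raise ArgumentError, "Auth0 settings missing or placeholder: #{names}"
  end
  # The domain setting is a bare host name, not a URL.
  unless settings[:domain].match?(/\A[a-z0-9.-]+\z/i)
    raise ArgumentError, 'AUTH0_DOMAIN must be a host name without scheme or path'
  end
  settings
end

# Callback URL to enter under Allowed Callback URLs for a given base URL.
# Plain http is accepted for localhost only.
def auth0_callback_url(base_url)
  uri = URI.parse(base_url)
  local = uri.host == 'localhost'
  unless uri.is_a?(URI::HTTPS) || (uri.is_a?(URI::HTTP) && local)
    raise ArgumentError, "#{base_url}: use https outside localhost"
  end
  "#{base_url.chomp('/')}/users/auth/auth0/callback"
end

# Runs only where the SimpleConfig gem is loaded, as in the application.
if defined?(SimpleConfig)
  auth0 = auth0_settings_from_env
  SimpleConfig.for :application do
    group :auth0 do
      set :domain, auth0[:domain]
      set :client_id, auth0[:client_id]
      set :client_secret, auth0[:client_secret]
    end
  end
end
```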