You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Document the process for using Auth0, including the Application, Organization, login screens, and internal Auth DB.
I am gonna use blog to develop my devblog too, and wanted to test the differences between EntraID and Auth0, and noticed missing steps, details to increase security compared with MS EntraID.
Copy file name to clipboardExpand all lines: docs/Authorization/Auth0.md
+26-5Lines changed: 26 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,12 +2,33 @@
2
2
3
3
Auth0 is a prominent provider of OpenID Connect (OIDC) services, which is an authentication protocol built on top of OAuth 2.0. OpenID Connect is specifically designed for identity layer applications and provides a standardized way for users to authenticate and authorize themselves on websites or applications while allowing third-party applications to access limited user information in a secure manner.
4
4
5
-
For more information go to: https://auth0.com/docs/applications
5
+
For more information, go to: [https://auth0.com/docs/](https://auth0.com/docs/)
6
+
7
+
#### Register a client app in Auth0
8
+
9
+
- Navigate to the Auth0 portal. In the sidebar, select Applications. Select the Regular Web Application button.
10
+
- Provide a Name for the app (for example, Blog Client AAD).
11
+
- In the settings menu are available the Domain, Client ID, and Client Secret values.
12
+
- Set the `Allowed Callback URLs` list to Web and provide the following redirect URI: `https://localhost:PORT/callback` (please change the port number). If you know the production redirect URI for Auth0 default host (for example, azurewebsites.net) or the custom domain host (for example, contoso.com), you can write both redirect URIs separated by a comma: `https://localhost:PORT/callback, https://contoso.com`. Be sure to include the port number for non-:443 ports in any production redirect URIs you add.
13
+
- Set the `Allowed logout URLs` list to Web and provide the following redirect URI: `https://localhost:PORT/callback`, and if you know your production redirect URIs, write it too.
14
+
- In the Login Experience menu. Select the Business Users button. So, only users who belong to an organization and exist in our AuthDB.
15
+
- In the Connections menu, disable social logins and keep `Username-Password-Authentication`.
16
+
- In the sidebar, select Organizations. Select the Create a new Organization button.
17
+
- Provide a Name for the organization (for example, blog-client-login). It must be lowercase.
18
+
- In the settings menu, assign a user to the organization, which can be the same as you log in with.
19
+
- In the Connections menu, select the Connections button.
20
+
- Pick `Username-Password-Authentication`, our AuthDB and organization user are linked now.
21
+
- In the sidebar, select Authentication, and Select Database.
22
+
- In the Settings menu, we enable `Disable Sign Ups` so outsiders cannot register to our DB of Auth.
23
+
- In the Applications menu, we verify that our `Applications using this connection.` to our DB is enabled.
24
+
- This process allows users who belong to an organization and are already in our AuthDB to log in to our app.
25
+
26
+
For more about application registration, please visit: [https://auth0.com/quickstarts#webapp](https://auth0.com/docs/quickstarts#webapp)
6
27
7
28
### Configuration
8
29
9
30
In `appsettings.json` change the `Authentication:Provider` to `Auth0`
10
-
and add following configurations
31
+
and add the following configurations
11
32
12
33
```json
13
34
{
@@ -27,6 +48,6 @@ and add following configurations
0 commit comments