@types/auth0-js

constructor

constructor(options: AuthOptions);

property dbConnection

dbConnection: DBConnection;

property passwordless

passwordless: PasswordlessAuthentication;

method buildAuthorizeUrl

buildAuthorizeUrl: (options: AuthorizeUrlOptions) => string;

• Builds and returns the /authorize url in order to initialize a new authN/authZ transaction

  Parameter options

  : https://auth0.github.io/auth0.js/global.html#buildAuthorizeUrl

  See Also

  • https://auth0.com/docs/api/authentication#authorize-client

  • https://auth0.com/docs/api/authentication#social

method buildLogoutUrl

buildLogoutUrl: (options?: LogoutOptions) => string;

• Builds and returns the Logout url in order to initialize a new authN/authZ transaction

  Parameter options

  : https://auth0.com/docs/api/authentication#!#get--v2-logout

method delegation

delegation: (
    options: DelegationOptions,
    callback: Auth0Callback<Auth0DelegationToken>
) => any;

• Makes a call to the /delegation endpoint

  Parameter options

  : https://auth0.com/docs/api/authentication#!#post--delegation

method getSSOData

getSSOData: {
    (callback?: Auth0Callback<SsoDataResult | undefined>): void;
    (
        withActiveDirectories: boolean,
        callback?: Auth0Callback<SsoDataResult, Auth0Error>
    ): void;
};

• Makes a call to the /ssodata endpoint

method getUserCountry

getUserCountry: (callback: Auth0Callback<{ countryCode: string }>) => void;

• Fetches the user country based on the ip.

method login

login: (options: DefaultLoginOptions, callback: Auth0Callback<any>) => void;

• Makes a call to the oauth/token endpoint with password-realm grant type

method loginWithDefaultDirectory

loginWithDefaultDirectory: (
    options: DefaultDirectoryLoginOptions,
    callback: Auth0Callback<any>
) => void;

• Makes a call to the oauth/token endpoint with password grant type

  Parameter options

  : https://auth0.com/docs/api-auth/grant/password

method loginWithResourceOwner

loginWithResourceOwner: (
    options: ResourceOwnerLoginOptions,
    callback: Auth0Callback<any>
) => void;

• Makes a call to the /ro endpoint

  Deprecated

  loginWithResourceOwner will be soon deprecated, user login instead.

method oauthToken

oauthToken: (options: any, callback: Auth0Callback<any>) => void;

• Makes a call to the oauth/token endpoint

method userInfo

userInfo: (
    accessToken: string,
    callback: Auth0Callback<Auth0UserProfile>
) => void;

• Makes a call to the /userinfo endpoint and returns the user profile

constructor

constructor(webAuth: any, options: any);

method callback

callback: () => void;

• Runs the callback code for the cross origin authentication call. This method is meant to be called by the cross origin authentication callback url.

method login

login: (options: CrossOriginLoginOptions, callback: Auth0Callback<any>) => void;

• Logs in the user with username and password using the cross origin authentication (/co/authenticate) flow. You can use either username or email to identify the user, but username will take precedence over email. This only works when 3rd party cookies are enabled in the browser. After the /co/authenticate call, you'll have to use the parseHash function at the redirectUri specified in the constructor.

  Parameter options

  options used in the authorize call after the login_ticket is acquired

  Parameter cb

  Callback function called only when an authentication error, like invalid username or password, occurs. For other types of errors, there will be a redirect to the redirectUri.

constructor

constructor(request: any, option: any);

method changePassword

changePassword: (
    options: ChangePasswordOptions,
    callback: Auth0Callback<any>
) => void;

• Initializes the change password flow

  Parameter options

  : https://auth0.com/docs/api/authentication#!#post--dbconnections-change_password

method signup

signup: (
    options: DbSignUpOptions,
    callback: Auth0Callback<DbSignUpResults>
) => void;

• Creates a new user in a Auth0 Database connection

  Parameter options

  https://auth0.com/docs/api/authentication#signup

constructor

constructor(options: ManagementOptions);

• Initialize your client class, by using a Non Interactive Client to fetch an access_token via the Client Credentials Grant.

method getUser

getUser: (userId: string, callback: Auth0Callback<Auth0UserProfile>) => void;

• Returns the user profile. https://auth0.com/docs/api/management/v2#!/Users/get_users_by_id

method linkUser

linkUser: (
    userId: string,
    secondaryUserToken: string,
    callback: Auth0Callback<any>
) => void;

• Link two users. https://auth0.com/docs/api/management/v2#!/Users/post_identities

method patchUserAttributes

patchUserAttributes: (
    userId: string,
    user: Auth0UserProfile,
    callback: Auth0Callback<Auth0UserProfile>
) => void;

• Updates the user attributes. It will patch the root attributes that the server allows it. https://auth0.com/docs/api/management/v2#!/Users/patch_users_by_id

method patchUserMetadata

patchUserMetadata: (
    userId: string,
    userMetadata: any,
    callback: Auth0Callback<Auth0UserProfile>
) => void;

• Updates the user metadata. It will patch the user metadata with the attributes sent. https://auth0.com/docs/api/management/v2#!/Users/patch_users_by_id

constructor

constructor(request: any, option: any);

method buildVerifyUrl

buildVerifyUrl: (options: PasswordlessVerifyOptions) => string;

• Builds and returns the passwordless TOTP verify url in order to initialize a new authN/authZ transaction

method start

start: (options: PasswordlessStartOptions, callback: Auth0Callback<any>) => void;

• Initializes a new passwordless authN/authZ transaction

  Parameter options

  : https://auth0.com/docs/api/authentication#passwordless

method verify

verify: (
    options: PasswordlessVerifyOptions,
    callback: Auth0Callback<any>
) => void;

• Verifies the passwordless TOTP and returns an error if any.

constructor

constructor(client: any, options: any);

method authorize

authorize: (
    options: {
        domain: string;
        clientId?: string | undefined;
        connection?: string | undefined;
        redirectUri: string;
        responseType: string;
        responseMode?: 'query' | 'fragment' | 'form_post' | undefined;
        state?: string | undefined;
        nonce?: string | undefined;
        scope?: string | undefined;
        audience?: string | undefined;
        owp?: boolean | undefined;
    },
    callback: Auth0Callback<Auth0Result>
) => void;

• Shows inside a new window the hosted login page (/authorize) in order to start a new authN/authZ transaction and post its result using postMessage.

  See Also

  • https://auth0.com/docs/api/authentication#authorize-client

method callback

callback: (options: {
    hash: string;
    state?: string | undefined;
    nonce?: string | undefined;
    _idTokenVerification?: string | undefined;
}) => void;

• Handles the popup logic for the callback page.

  See Also

  • parseHash

method loginWithCredentials

loginWithCredentials: (
    options: {
        redirectUri?: string | undefined;
        responseType?: 'code' | 'token' | undefined;
        responseMode?: 'query' | 'fragment' | undefined;
        scope?: string | undefined;
    },
    callback: Auth0Callback<any>
) => void;

• Performs authentication with username/email and password with a database connection inside a new window

  This method is not compatible with API Auth so if you need to fetch API tokens with audience you should use authorize or login.

method passwordlessVerify

passwordlessVerify: (
    options: {
        type: 'sms' | 'email';
        phoneNumber?: string | undefined;
        email?: string | undefined;
        connection: string;
        verificationCode: string;
    },
    callback: Auth0Callback<any>
) => void;

• Verifies the passwordless TOTP and returns the requested token

method preload

preload: (options: any) => any;

• Initializes the popup window and returns the instance to be used later in order to avoid being blocked by the browser.

  Parameter options

  : receives the window height and width and any other window feature to be sent to window.open

method signupAndLogin

signupAndLogin: (
    options: {
        email: string;
        password: string;
        connection: string;
        userMetadata?: unknown | undefined;
    },
    callback: Auth0Callback<any>
) => void;

• Signs up a new user and automatically logs the user in after the signup.

  This method is not compatible with API Auth so if you need to fetch API tokens with audience you should use authorize or signupAndAuthorize.

constructor

constructor(client: any, options: any);

method loginWithCredentials

loginWithCredentials: (
    options: {
        redirectUri?: string | undefined;
        responseType?: string | undefined;
        responseMode?: 'query' | 'fragment' | undefined;
        scope: string;
    },
    callback: Auth0Callback<any>
) => void;

• Performs authentication with username/email and password with a database connection

  This method is not compatible with API Auth so if you need to fetch API tokens with audience you should use authorize or login.

method signupAndLogin

signupAndLogin: (
    options: {
        email: string;
        password: string;
        connection: string;
        userMetadata?: unknown | undefined;
    } & CrossOriginLoginOptions,
    callback: Auth0Callback<any>
) => void;

• Signs up a new user and automatically logs the user in after the signup.

constructor

constructor(options: AuthOptions);

property client

client: Authentication;

property crossOriginAuthentication

crossOriginAuthentication: CrossOriginAuthentication;

property popup

popup: Popup;

property redirect

redirect: Redirect;

method authorize

authorize: (options?: AuthorizeOptions) => void;

• Redirects to the hosted login page (/authorize) in order to initialize a new authN/authZ transaction

  Parameter options

  : https://auth0.com/docs/api/authentication#!#get--authorize_db

method changePassword

changePassword: (
    options: ChangePasswordOptions,
    callback: Auth0Callback<any>
) => void;

• Initialices a change password transaction

  Parameter options

  : https://auth0.com/docs/api/authentication#!#post--dbconnections-change_password

method checkSession

checkSession: (options: CheckSessionOptions, cb: Auth0Callback<any>) => void;

• Renews an existing session on Auth0's servers using response_mode=web_message (i.e. Auth0's hosted login page)

  Parameter options

  options used in authorize call

  Parameter cb

  See Also

  • https://auth0.com/docs/libraries/auth0js/v9#using-checksession-to-acquire-new-tokens

method crossOriginAuthenticationCallback

crossOriginAuthenticationCallback: () => void;

• Runs the callback code for the cross origin authentication call. This method is meant to be called by the cross origin authentication callback url.

  Deprecated

  Use crossOriginVerification instead.

method crossOriginVerification

crossOriginVerification: () => void;

• Runs the callback code for the cross origin authentication call. This method is meant to be called by the cross origin authentication callback url.

method login

login: (options: CrossOriginLoginOptions, callback: Auth0Callback<any>) => void;

• Logs in the user with username and password using the cross origin authentication (/co/authenticate) flow. You can use either username or email to identify the user, but username will take precedence over email.

  This only works when 3rd party cookies are enabled in the browser. After the /co/authenticate call, you'll have to use the parseHash function at the redirectUri specified in the constructor.

  Parameter options

  options used in the authorize call after the login_ticket is acquired

  Parameter cb

  Callback function called only when an authentication error, like invalid username or password, occurs. For other types of errors, there will be a redirect to the redirectUri.

method logout

logout: (options: LogoutOptions) => void;

• Redirects to the auth0 logout endpoint

  If you want to navigate the user to a specific URL after the logout, set that URL at the returnTo parameter. The URL should be included in any the appropriate Allowed Logout URLs list:

  - If the client_id parameter is included, the returnTo URL must be listed in the Allowed Logout URLs set at the client level (see Setting Allowed Logout URLs at the App Level). - If the client_id parameter is NOT included, the returnTo URL must be listed in the Allowed Logout URLs set at the account level (see Setting Allowed Logout URLs at the Account Level).

  See Also

  • https://auth0.com/docs/api/authentication#logout

method parseHash

parseHash: {
    (
        callback: Auth0Callback<Auth0DecodedHash | null, Auth0ParseHashError>
    ): void;
    (
        options: ParseHashOptions,
        callback: Auth0Callback<Auth0DecodedHash, Auth0ParseHashError>
    ): void;
};

• Parse the url hash and extract the returned tokens depending on the transaction.

  Only validates id_tokens signed by Auth0 using the RS256 algorithm using the public key exposed by the /.well-known/jwks.json endpoint. Id tokens signed with other algorithms will not be accepted.

  Parameter callback

  : any(err, token_payload)

method passwordlessLogin

passwordlessLogin: (
    options: PasswordlessLoginOptions,
    callback: Auth0Callback<any>
) => void;

• Logs in a user with the verification code sent to the user

  Parameter options

  Parameter callback

method passwordlessStart

passwordlessStart: (
    options: PasswordlessStartOptions,
    callback: Auth0Callback<any>
) => void;

• Initialices a passwordless authentication transaction

  Parameter options

  : https://auth0.com/docs/api/authentication#passwordless

method passwordlessVerify

passwordlessVerify: (
    options: PasswordlessVerifyOptions,
    callback: Auth0Callback<any>
) => void;

• Verifies the passwordless TOTP and redirects to finish the passwordless transaction

  Parameter options

  :

method renderCaptcha

renderCaptcha: (
    element: HTMLElement,
    options?: CatpchaConfiguration,
    callback?: Auth0Callback<any>
) => Captcha;

• Renders the captcha challenge in the provided element. This function can only be used in the context of a Classic Universal Login Page.

  Parameter element

  The element where the captcha needs to be rendered

  Parameter options

  The configuration options for the captcha

  Parameter callback

  An optional completion callback

  See Also

  • https://auth0.github.io/auth0.js/WebAuth.html#renderCaptcha

method renewAuth

renewAuth: (options: RenewAuthOptions, callback: Auth0Callback<any>) => void;

• Executes a silent authentication transaction under the hood in order to fetch a new tokens for the current session. This method requires that all Auth is performed with authorize Watch out! If you're not using the hosted login page to do social logins, you have to use your own [social connection keys](https://manage.auth0.com/#/connections/social). If you use Auth0's dev keys, you'll always get login_required as an error when calling this method.

  Parameter options

  : any valid oauth2 parameter to be sent to the /authorize endpoint

method signup

signup: (options: DbSignUpOptions, callback: Auth0Callback<any>) => void;

• Signs up a new user

  Parameter options

  : https://auth0.com/docs/api/authentication#!#post--dbconnections-signup

method signupAndAuthorize

signupAndAuthorize: (
    options: DbSignUpOptions,
    callback: Auth0Callback<any>
) => void;

• Signs up a new user, automatically logs the user in after the signup and returns the user token. The login will be done using /oauth/token with password-realm grant type.

  Parameter options

  : https://auth0.com/docs/api/authentication#!#post--dbconnections-signup

method validateToken

validateToken: (
    token: string,
    nonce: string,
    callback: Auth0Callback<any>
) => void;

• Decodes the id_token and verifies the nonce.

  Parameter callback

  : function(err, {payload, transaction})

property issuer

issuer?: string | undefined;

property image

image: string;

property provider

provider: 'auth0' | 'recaptcha_v2';

property required

required: boolean;

property type

type: 'code';

index signature

[other: string]: unknown;

property accessToken

accessToken?: string | undefined;

property appState

appState?: any;

property expiresIn

expiresIn?: number | undefined;

property idToken

idToken?: string | undefined;

property idTokenPayload

idTokenPayload?: any;

property refreshToken

refreshToken?: string | undefined;

property scope

scope?: string | undefined;

property state

state?: string | undefined;

property tokenType

tokenType?: string | undefined;

property expiresIn

expiresIn: number;

• The length of time in seconds the token is valid for.

property idToken

idToken: string;

• The JWT for delegated access.

property tokenType

tokenType: string;

• The type of token being returned. Possible values: "Bearer"

property code

code?: string | undefined;

property description

description?: string | undefined;

property error

error: LibErrorCodes | SpecErrorCodes | string;

property error_description

error_description?: string | undefined;

property errorDescription

errorDescription?: string | undefined;

property name

name?: string | undefined;

property original

original?: any;

property policy

policy?: string | undefined;

property statusCode

statusCode?: number | undefined;

property statusText

statusText?: string | undefined;

property connection

connection: string;

property isSocial

isSocial: boolean;

property provider

provider: string;

property user_id

user_id: string;

property accessToken

accessToken?: string | undefined;

• token that allows access to the specified resource server (identified by the audience parameter or by default Auth0's /userinfo endpoint)

property appState

appState?: any;

• values that you receive back on the authentication response

property expiresIn

expiresIn?: number | undefined;

• number of seconds until the access token expires

property idToken

idToken?: string | undefined;

• token that identifies the user

property refreshToken

refreshToken?: string | undefined;

• token that can be used to get new access tokens from Auth0. Note that not all Auth0 Applications can request them or the resource server might not allow them.

property app_metadata

app_metadata?: any;

property clientID

clientID: string;

property created_at

created_at: string;

property email

email?: string | undefined;

property email_verified

email_verified?: boolean | undefined;

property family_name

family_name?: string | undefined;

property gender

gender?: string | undefined;

property given_name

given_name?: string | undefined;

property identities

identities: Auth0Identity[];

property locale

locale?: string | undefined;

property name

name: string;

property nickname

nickname: string;

property picture

picture: string;

property sub

sub: string;

property updated_at

updated_at: string;

property user_id

user_id: string;

property user_metadata

user_metadata?: any;

property username

username?: string | undefined;

property audience

audience?: string | undefined;

property clientID

clientID: string;

property cookieDomain

cookieDomain?: string | undefined;

• The domain the cookie is accessible from. If not set, the cookie is scoped to the current domain, including the subdomain. To keep a user logged in across multiple subdomains set this to your top-level domain and prefixed with a . (eg: .example.com)

property domain

domain: string;

property jwksURI

jwksURI?: string | undefined;

property leeway

leeway?: number | undefined;

property maxAge

maxAge?: number | undefined;

• maximum elapsed time in seconds since the last time the user was actively authenticated by the authorization server.

property overrides

overrides?:
    | {
          __tenant?: string | undefined;
          __token_issuer?: string | undefined;
          __jwks_uri?: string | undefined;
      }
    | undefined;

property plugins

plugins?: any;

property popupOrigin

popupOrigin?: string | undefined;

property protocol

protocol?: string | undefined;

property redirectUri

redirectUri?: string | undefined;

property response_type

response_type?: string | undefined;

property responseMode

responseMode?: string | undefined;

property responseType

responseType?: string | undefined;

property scope

scope?: string | undefined;

property state

state?: string | undefined;

property tenant

tenant?: string | undefined;

property universalLoginPage

universalLoginPage?: boolean | undefined;

property accessType

accessType?: string | undefined;

property approvalPrompt

approvalPrompt?: string | undefined;

property appState

appState?: any;

property audience

audience?: string | undefined;

property clientID

clientID?: string | undefined;

property connection

connection?: string | undefined;

property connection_scope

connection_scope?: string | string[] | undefined;

property domain

domain?: string | undefined;

property invitation

invitation?: string | undefined;

property language

language?: string | undefined;

property login_hint

login_hint?: string | undefined;

property mode

mode?: 'login' | 'signUp' | undefined;

property nonce

nonce?: string | undefined;

property organization

organization?: string | undefined;

property prompt

prompt?: string | undefined;

property redirectUri

redirectUri?: string | undefined;

property responseMode

responseMode?: string | undefined;

property responseType

responseType?: string | undefined;

property scope

scope?: string | undefined;

property screen_hint

screen_hint?: 'signup' | undefined;

property state

state?: string | undefined;

property audience

audience?: string | undefined;

• identifier of the resource server who will consume the access token issued after Auth

property clientID

clientID?: string | undefined;

• your Auth0 client identifier obtained when creating the client in the Auth0 Dashboard

property nonce

nonce?: string | undefined;

• value used to mitigate replay attacks when using Implicit Grant. https://auth0.com/docs/api-auth/tutorials/nonce

property redirectUri

redirectUri: string;

• url that the Auth0 will redirect after Auth with the Authorization Response

property responseMode

responseMode?: 'query' | 'fragment' | 'form_post' | undefined;

• how the Auth response is encoded and redirected back to the client. Supported values are query, fragment and form_post https://openid.net/specs/oauth-v2-multiple-response-types-1_0.html#ResponseModes

property responseType

responseType: string;

• type of the response used by OAuth 2.0 flow. It can be any space separated list of the values code, token, id_token. https://openid.net/specs/oauth-v2-multiple-response-types-1_0

property scope

scope?: string | undefined;

• scopes to be requested during Auth. e.g. openid email

property state

state?: string | undefined;

• value used to mitigate XSRF attacks. https://auth0.com/docs/protocols/oauth2/oauth-state

property audience

audience?: string | undefined;

property clientID

clientID?: string | undefined;

property nonce

nonce?: string | undefined;

property redirectUri

redirectUri?: string | undefined;

property responseType

responseType?: string | undefined;

property scope

scope?: string | undefined;

property state

state?: string | undefined;

property getValue

getValue: () => string;

property reload

reload: (done: DoneCallback) => void;

property auth0

auth0?: ((challenge: Auth0Challenge) => string) | undefined;

• Template function receiving the challenge and returning an string

property error

error: (error: Error) => string;

property recaptcha_v2

recaptcha_v2?: ((challenge: Auth0Challenge) => string) | undefined;

• Template function receiving the challenge and returning an string

property lang

lang?: string | undefined;

• The ISO code of the language for recaptcha 'en'

property templates

templates?: CaptchaTemplates | undefined;

• An object containaing templates for each captcha provider

property connection

connection: string;

property email

email: string;

property usePostMessage

usePostMessage?: boolean | undefined;

• optional parameter for auth0 to use postMessage to communicate between the silent callback and the SPA.

property audience

audience?: string | undefined;

property clientID

clientID?: string | undefined;

property domain

domain?: string | undefined;

property email

email?: string | undefined;

property nonce

nonce?: string | undefined;

property onRedirecting

onRedirecting?: (done: () => void) => void | undefined;

property password

password: string;

property realm

realm?: string | undefined;

property redirectUri

redirectUri?: string | undefined;

property responseMode

responseMode?: string | undefined;

property responseType

responseType?: string | undefined;

property scope

scope?: string | undefined;

property state

state?: string | undefined;

property username

username?: string | undefined;

property connection

connection: string;

• name of the connection where the user will be created

property email

email: string;

• user email address

property password

password: string;

• user password

property scope

scope?: string | undefined;

property userMetadata

userMetadata?: unknown | undefined;

• additional signup attributes used for creating the user. Will be stored in user_metadata

property username

username?: string | undefined;

• User desired username. Required if you use a database connection and you have enabled Requires Username

property email

email: string;

• user's email

property emailVerified

emailVerified: boolean;

• if the user's email was verified

property audience

audience?: string | undefined;

property audience

audience?: string | undefined;

property realm

realm: string;

property api_type

api_type?: string | undefined;

property client_id

client_id?: string | undefined;

property grant_type

grant_type: string;

property id_token

id_token?: string | undefined;

property refresh_token

refresh_token?: string | undefined;

property scope

scope?: string | undefined;

property target

target?: string | undefined;

property password

password: string;

property scope

scope?: string | undefined;

property username