Ruby API client for the Auth0 platform.
- API documentation - documentation auto-generated from the code comments that explains all the available features
- Examples - examples that demonstrate the different ways in which this SDK can be used
- Docs Site - explore our Docs site and learn more about Auth0
This gem can be installed directly:
$ gem install auth0
or with Bundler:
bundle add auth0
Create an instance of Auth0Client
to access properties and methods of the authentication and management APIs:
require 'auth0'
client = Auth0Client.new(
client_id: ENV['AUTH0_RUBY_CLIENT_ID'],
client_secret: ENV['AUTH0_RUBY_CLIENT_SECRET'],
domain: ENV['AUTH0_RUBY_DOMAIN'],
# If you pass in a client_secret value, the SDK will automatically try to get a
# Management API token for this application. Make sure your Application can make a
# Client Credentials grant (Application settings in Auth0 > Advanced > Grant Types
# tab) and that the Application is authorized for the Management API:
# https://auth0.com/docs/api-auth/config/using-the-auth0-dashboard
#
# Otherwise, you can pass in a Management API token directly for testing or temporary
# access using the key below.
# token: ENV['AUTH0_RUBY_API_TOKEN'],
#
# When passing a token, you can also specify when the token expires in seconds from epoch. Otherwise, expiry is set
# by default to an hour from now.
# token_expires_at: Time.now.to_i + 86400
)
If token
is omitted, the SDK will attempt to fetch a new token using the client_credentials
grant, provided that client_id
and client_secret
are provided in the configuration. Once the token is about to expire (or has already expired), a new token will be fetched and cached for future calls.
For this to work, ensure your application can make a Client Credentials grant (Application settings in Auth0 > Advanced > Grant Types tab) and that the application is authorized for the Management API: https://auth0.com/docs/api-auth/config/using-the-auth0-dashboard
This SDK provides access to Authentication API endpoints with the Auth0::API::AuthenticationEndpoints
module.
For basic login capability, we suggest using our OmniAuth stategy detailed here. Other authentication tasks currently supported are:
- Register a new user with a database connection using the
signup
method. - Redirect a user to the universal login page for authentication using the
authorization_url
method. - Log a user into a highly trusted app with the Resource Owner Password grant using the
login
method. - Exchange an authorization code for an access token on callback using the
obtain_user_tokens
method (see the note on state validation below). - Send a change password email to a database connection user using the
change_password
method. - Log a user out of Auth0 with the
logout_url
method.
Important note on state validation: If you choose to implement a login flow callback yourself, it is important to generate and store a state
value, pass that value to Auth0 in the authorization_url
method, and validate it in your callback URL before calling obtain_user_tokens
. For more information on state validation, please see our documentation.
Please note that this module implements endpoints that might be deprecated for newer tenants. If you have any questions about how and when the endpoints should be used, consult the documentation or ask in our Community forums.
This SDK provides access to the Management API via modules that help create clear and accurate calls. Most of the interaction is done through the Auth0Client
class, instantiated with the required credentials.
For an example of using the management API client to read of users, see the examples document.
- Login using OmniAuth
- API authentication in Ruby
- API authentication in Rails
- Managing authentication with Auth0 (blog)
- Ruby on Rails workflow with Docker (blog)
We appreciate feedback and contribution to this repo! Before you get started, please see the following:
To provide feedback or report a bug, please raise an issue on our issue tracker.
Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
Auth0 is an easy to implement, adaptable authentication and authorization platform. To learn more checkout Why Auth0?
This project is licensed under the MIT license. See the LICENSE file for more info.