AuthenticationClient - Documentation

Constructor

new AuthenticationClient(options)

Source:

auth/index.js, line 49

Parameters:

Name Type Description

options

Object

Options for the Authentication Client SDK.

Name	Type	Attributes	Description
`domain`	`String`		AuthenticationClient server domain.
`clientId`	`String`	<optional>	Default client ID.
`clientSecret`	`String`	<optional>	Default client Secret.

Example

The AuthenticationClient constructor takes an optional client ID, if specified it will be used as default value for all endpoints that accept a client ID.

var AuthenticationClient = require('auth0'). AuthenticationClient;
var auth0 = new AuthenticationClient({
  domain: '{YOUR_ACCOUNT}.auth0.com',
  clientId: '{OPTIONAL_CLIENT_ID}'
});

Members

database :DatabaseAuthenticator

Database authenticator.

Source:

auth/index.js, line 88

Type:

DatabaseAuthenticator

oauth :OAuthAuthenticator

OAuth authenticator.

Source:

auth/index.js, line 81

Type:

OAuthAuthenticator

passwordless :PasswordlessAuthenticator

Passwordless authenticator.

Source:

auth/index.js, line 95

Type:

PasswordlessAuthenticator

tokens :TokensManager

Tokens manager.

Source:

auth/index.js, line 109

Type:

TokensManager

users :UsersManager

Users manager.

Source:

auth/index.js, line 102

Type:

UsersManager

Methods

changePassword(data) → {Promise|undefined}

Change password using a database or active directory service.

Source:

auth/index.js, line 366

Parameters:

Name Type Description

data

Object

User data object.

Name	Type	Description
`email`	`String`	User email.
`password`	`String`	User password.
`connection`	`String`	Identity provider for the user.

Returns:

Type:: Promise | undefined

Example

Given the user email, the connection specified and the new password to use, Auth0 will send a forgot password email. Once the user clicks on the confirm password change link, the new password specified in this POST will be set to this user. Find more information in the API Docs.

var data = {
  email: '{EMAIL}',
  password: '{PASSWORD}',
  connection: 'Username-Password-Authentication'
};

auth0.changePassword(data, function (err, message) {
  if (err) {
    // Handle error.
  }

  console.log(message);
});

clientCredentialsGrant(options) → {Promise|undefined}

Gets an access token using the client credentials grant flow.

Source:

auth/index.js, line 482

Parameters:

Name Type Description

options

Object

Name	Type	Attributes	Description
`scope`	`String`	<optional>	scopes to request to be added to the returned access token
`audience`	`String`	<optional>	audience or identifier of the API where the access token will be used, e.g. Auth0 Management API

Returns:

Type:: Promise | undefined

Example

Gets an access token using the client credentials grant flow. Find more information in the API Docs.

auth0.clientCredentialsGrant({
  audience: 'https://tenant.auth0.com/api/v2/',
  scope: 'read:users update:users'
}, function (err, response) {
  if (err) {
    // Handle error.
  }

  console.log(response);
});

getClientInfo() → {Object}

Return an object with information about the current client,

Source:

auth/index.js, line 113

Returns:

Type:: Object

Object containing client information.

getDelegationToken(data) → {Promise|undefined}

Exchange the token of the logged in user with a token that is valid to call the API (signed with the API secret).

Source:

auth/index.js, line 315

Parameters:

Name Type Description

data

Object

Token data object.

Name	Type	Description
`id_token`	`String`	The user ID token.
`api_type`	`String`	The API type (aws, firebase, etc).
`target`	`String`	The target client ID.
`grant_type`	`String`	The grant type.

Returns:

Type:: Promise | undefined

Example

Given an existing token, this endpoint will generate a new token signed with the target client secret. This is used to flow the identity of the user from the application to an API or across different APIs that are protected with different secrets. Find more information in the API Docs.

var data = {
  id_token: '{ID_TOKEN}',
  api_type: 'app',
  target: '{TARGET}',
  grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer'
};

auth0.getDelegationToken(data, function (err, token) {
  if (err) {
    // Handle error.
  }

  console.log(token);
});

getProfile(accessToken) → {Promise|undefined}

Given an access token get the user profile linked to it.

Source:

auth/index.js, line 456

Parameters:

Name	Type	Description
`accessToken`	`String`	The user access token.

Returns:

Type:: Promise | undefined

Example

Get the user information based on the Auth0 access token (obtained during login). Find more information in the API Docs.

auth0.getProfile(data, function (err, userInfo) {
  if (err) {
    // Handle error.
  }

  console.log(userInfo);
});

passwordGrant(userData) → {Promise|undefined}

Source:

auth/index.js, line 512

Parameters:

Name Type Description

userData

Object

User credentials object.

Name	Type	Attributes	Description
`username`	`String`		Username.
`password`	`String`		User password.
`realm`	`String`	<optional>	Name of the realm to use to authenticate or the connection name

Returns:

Type:: Promise | undefined

Example

Given the user's credentials perform the OAuth password grant or Password Realm grant if a realm is provided, it will return a JSON with the access_token and id_token. More information in the API Docs .

var data = {
  client_id: '{CLIENT_ID}',  // Optional field.
  username: '{USERNAME}',
  password: '{PASSWORD}'
  realm: '{CONNECTION_NAME}', // Optional field.
  scope: 'openid'  // Optional field.
};

auth0.oauth.token(data, function (err, userData) {
  if (err) {
    // Handle error.
  }

  console.log(userData);
});

requestChangePasswordEmail(data) → {Promise|undefined}

Request a change password email using a database or active directory service.

Source:

auth/index.js, line 413

Parameters:

Name Type Description

data

Object

User data object.

Name	Type	Description
`email`	`String`	User email.
`connection`	`String`	Identity provider for the user.

Returns:

Type:: Promise | undefined

Example

Given the user email, the connection specified, Auth0 will send a change password email. once the user clicks on the confirm password change link, the new password specified in this POST will be set to this user. Find more information in the var data = { email: '{EMAIL}', connection: 'Username-Password-Authentication' }; auth0.requestChangePasswordEmail(data, function (err, message) { if (err) { // Handle error. } console.log(message); });

requestEmailCode(data) → {Promise|undefined}

Start passwordless flow sending an email.

Source:

Parameters:

Name Type Description

data

Object

User data object.

Name	Type	Attributes	Description
`email`	`String`		User email address.
`authParams`	`Object`	<optional>	Authentication parameters.

Returns:

Type:: Promise | undefined

Example

Given the user `email` address, it will send an email with a verification code. You can then authenticate with this user using the `/oauth/ro` endpoint using the email as username and the code as password. Find more information in the API Docs

var data = {
  email: '{EMAIL}',
  authParams: {} // Optional auth params.
};

auth0.requestEmailCode(data, function (err) {
  if (err) {
    // Handle error.
  }
};

requestMagicLink(data) → {Promise|undefined}

Start passwordless flow sending an email.

Source:

auth/index.js, line 146

Parameters:

Name Type Description

data

Object

User data object.

Name	Type	Attributes	Description
`email`	`String`		User email address.
`authParams`	`Object`	<optional>	Authentication parameters.

Returns:

Type:: Promise | undefined

Example

Given the user `email` address, it will send an email with a link. You can then authenticate with this user opening the link and he will be automatically logged in to the application. Optionally, you can append/override parameters to the link (like `scope`, `redirect_uri`, `protocol`, `response_type`, etc.) using `authParams` object. Find more information in the API Docs

var data = {
  email: '{EMAIL}',
  authParams: {} // Optional auth params.
};

auth0.requestMagicLink(data, function (err) {
  if (err) {
    // Handle error.
  }
};

requestSMSCode(data) → {Promise|undefined}

Start passwordless flow sending an SMS.

Source:

auth/index.js, line 226

Parameters:

Name Type Description

data

Object

User data object.

Name	Type	Description
`phone_number`	`String`	The user phone number.

Returns:

Type:: Promise | undefined

Example

Given the user `phone_number`, it will send a SMS message with a verification code. You can then authenticate with this user using the `/oauth/ro` endpoint specifying `phone_number` as `username` and `code` as `password`:

var data = {
  phone_number: '{PHONE}'
};

auth0.requestSMSCode(data, function (err) {
  if (err) {
    // Handle error.
  }

});

verifySMSCode(data) → {Promise|undefined}

Source:

auth/index.js, line 264

Parameters:

Name Type Description

data

Object

Credentials object.

Name	Type	Description
`username`	`String`	Phone number.
`password`	`String`	Verification code.
`target`	`String`	Target client ID.
`grant_type`	`String`	Grant type.

Returns:

Type:: Promise | undefined

Examples

Given the user credentials (`phone_number` and `code`), it will do the authentication on the provider and return a JSON with the `access_token` and `id_token`.

var data = {
  username: '{PHONE_NUMBER}',
  password: '{VERIFICATION_CODE}'
};

auth0.verifySMSCode(data, function (err) {
  if (err) {
    // Handle error.
  }
});

The user data object has the following structure.

{
  id_token: String,
  access_token: String,
  token_type: String
}