JSDoc: Class: Popup

Source:

web-auth/popup.js, line 19

Methods

authorize(options, cb)

Shows inside a new window the hosted login page (/authorize) in order to start a new authN/authZ transaction and post its result using postMessage.

Parameters:

Name Type Description

options

Object

Properties

Name	Type	Attributes	Description
`clientID`	String	<optional>	the Client ID found on your Application settings page
`redirectUri`	String		url that the Auth0 will redirect after Auth with the Authorization Response
`responseType`	String		type of the response used by OAuth 2.0 flow. It can be any space separated list of the values `code`, `token`, `id_token`. https://openid.net/specs/oauth-v2-multiple-response-types-1_0.html
`responseMode`	String	<optional>	how the Auth response is encoded and redirected back to the client. Supported values are `query`, `fragment` and `form_post`. The `query` value is only supported when `responseType` is `code`. https://openid.net/specs/oauth-v2-multiple-response-types-1_0.html#ResponseModes
`state`	String	<optional>	value used to mitigate XSRF attacks. https://auth0.com/docs/protocols/oauth2/oauth-state
`nonce`	String	<optional>	value used to mitigate replay attacks when using Implicit Grant. https://auth0.com/docs/api-auth/tutorials/nonce
`scope`	String	<optional>	scopes to be requested during Auth. e.g. `openid email`
`audience`	String	<optional>	identifier of the resource server who will consume the access token issued after Auth
`organization`	String	<optional>	the Id of an organization to log in to
`invitation`	String	<optional>	the ID of an invitation to accept. This is available from the user invitation URL that is given when participating in a user invitation flow
`owp`	Boolean	<optional>	determines if Auth0 should render the relay page or not and the caller is responsible of handling the response.

cb authorizeCallback

Source:

web-auth/popup.js, line 140

See:

https://auth0.com/docs/api/authentication#authorize-client

callback(options)

Handles the popup logic for the callback page.

Parameters:

Name Type Description

options

Object

Properties

Name	Type	Attributes	Description
`hash`	String		the url hash. If not provided it will extract from window.location.hash
`state`	String	<optional>	value originally sent in `state` parameter to `authorize` to mitigate XSRF
`nonce`	String	<optional>	value originally sent in `nonce` parameter to `authorize` to prevent replay attacks

Source:

web-auth/popup.js, line 85

See:

parseHash

loginWithCredentials(options, cb)

Performs authentication with username/email and password with a database connection inside a new window

This method is not compatible with API Auth so if you need to fetch API tokens with audience you should use authorize or login.

Parameters:

Name Type Description

options

Object

Properties

Name	Type	Attributes	Description
`redirectUri`	String	<optional>	url that the Auth0 will redirect after Auth with the Authorization Response
`responseType`	String	<optional>	type of the response used. It can be any of the values `code` and `token`
`responseMode`	String	<optional>	how the AuthN response is encoded and redirected back to the client. Supported values are `query` and `fragment`. The `query` value is only supported when `responseType` is `code`.
`scope`	String	<optional>	scopes to be requested during AuthN. e.g. `openid email`

cb credentialsCallback

Source:

web-auth/popup.js, line 240

passwordlessVerify(options, cb)

Verifies the passwordless TOTP and redirects to finish the passwordless transaction

Parameters:

Name Type Description

options

Object

Properties

Name	Type	Description
`type`	String	`sms` or `email`
`phoneNumber`	String	only if type = sms
`email`	String	only if type = email
`connection`	String	the connection name
`verificationCode`	String	the TOTP code

cb function

Source:

web-auth/popup.js, line 272

preload(options)

Initializes the popup window and returns the instance to be used later in order to avoid being blocked by the browser.

Parameters:

Name	Type	Description
`options`	Object	receives the window height and width and any other window feature to be sent to window.open

Source:

web-auth/popup.js, line 51

signupAndLogin(options, cb)

Signs up a new user and automatically logs the user in after the signup.

This method is not compatible with API Auth so if you need to fetch API tokens with audience you should use authorize or signupAndAuthorize.

Parameters:

Name Type Description

options

Object

Properties

Name	Type	Description
`email`	String	user email address
`password`	String	user password
`connection`	String	name of the connection where the user will be created

cb credentialsCallback

Source:

web-auth/popup.js, line 307