@auth0/nextjs-auth0 - v4.12.0
    Preparing search index...

    Class Auth0Client

    Index

    Constructors

    constructor

    Methods

    connectAccount createFetcher getAccessToken getAccessTokenForConnection getSession getTokenByBackchannelAuth middleware startInteractiveLogin updateSession withApiAuthRequired withPageAuthRequired

    Constructors

    Methods

    • Initiates the Connect Account flow to connect a third-party account to the user's profile. If the user does not have an active session, a ConnectAccountError is thrown.

      This method first attempts to obtain an access token with the create:me:connected_accounts scope for the My Account API to create a connected account for the user.

      The user will then be redirected to authorize the connection with the third-party provider.

      Parameters

      Returns Promise<NextResponse<unknown>>

    • Creates a configured Fetcher instance for making authenticated API requests.

      This method creates a specialized HTTP client that handles:

      • Automatic access token retrieval and injection
      • DPoP (Demonstrating Proof-of-Possession) proof generation when enabled
      • Token refresh and session management
      • Error handling and retry logic for DPoP nonce errors
      • Base URL resolution for relative requests

      The fetcher provides a high-level interface for making requests to protected resources without manually handling authentication details.

      Type Parameters

      • TOutput extends Response = Response

        Response type that extends the standard Response interface

      Parameters

      • req: undefined | NextRequest | PagesRouterRequest

        Request object for session context (required for Pages Router, optional for App Router)

      • options: {
            baseUrl?: string;
            fetch?: CustomFetchImpl<TOutput>;
            getAccessToken?: AccessTokenFactory;
            useDPoP?: boolean;
        }

        Configuration options for the fetcher

        • OptionalbaseUrl?: string

          Base URL for relative requests. Must be provided if using relative URLs

        • Optionalfetch?: CustomFetchImpl<TOutput>

          Custom fetch implementation. Falls back to global fetch if not provided

        • OptionalgetAccessToken?: AccessTokenFactory

          Custom access token factory function. If not provided, uses the default from hooks

        • OptionaluseDPoP?: boolean

          Enable DPoP for this fetcher instance (overrides global setting)

      Returns Promise<Fetcher<TOutput>>

      Promise that resolves to a configured Fetcher instance

      AccessTokenError when no active session exists

      import { auth0 } from "@/lib/auth0";

      const fetcher = await auth0.createFetcher(undefined, {
        baseUrl: "https://api.example.com",
        useDPoP: true
      });

      const response = await fetcher.fetchWithAuth("/users");
      const users = await response.json();
      • Fetcher for details on using the returned fetcher instance
      • FetcherMinimalConfig for available configuration options

    • Parameters

      • Optionaloptions: GetAccessTokenOptions

        Optional configuration for getting the access token.

        • Optionalaudience?: string | null

          Please note: If you are passing audience, ensure that the used audiences and scopes are part of the Application's Refresh Token Policies in Auth0 when configuring Multi-Resource Refresh Tokens (MRRT). Auth0 Documentation on Multi-resource Refresh Tokens

        • Optionalrefresh?: boolean | null
        • Optionalscope?: string | null

      Returns Promise<
          {
              audience?: string;
              expiresAt: number;
              scope?: string;
              token: string;
              token_type?: string;
          },
      >

    • getAccessToken returns the access token.

      This method can be used in middleware and getServerSideProps, API routes in the Pages Router.

      Parameters

      • req: NextRequest | PagesRouterRequest

        The request object.

      • res: NextResponse<unknown> | PagesRouterResponse

        The response object.

      • Optionaloptions: GetAccessTokenOptions

        Optional configuration for getting the access token.

        • Optionalaudience?: string | null

          Please note: If you are passing audience, ensure that the used audiences and scopes are part of the Application's Refresh Token Policies in Auth0 when configuring Multi-Resource Refresh Tokens (MRRT). Auth0 Documentation on Multi-resource Refresh Tokens

        • Optionalrefresh?: boolean | null
        • Optionalscope?: string | null

      Returns Promise<
          {
              audience?: string;
              expiresAt: number;
              scope?: string;
              token: string;
              token_type?: string;
          },
      >

    • Retrieves an access token for a connection.

      This method can be used in Server Components, Server Actions, and Route Handlers in the App Router.

      NOTE: Server Components cannot set cookies. Calling getAccessTokenForConnection() in a Server Component will cause the access token to be refreshed, if it is expired, and the updated token set will not to be persisted. It is recommended to call getAccessTokenForConnection(req, res) in the middleware if you need to retrieve the access token in a Server Component to ensure the updated token set is persisted.

      Parameters

      Returns Promise<{ expiresAt: number; token: string }>

    • Retrieves an access token for a connection.

      This method can be used in middleware and getServerSideProps, API routes in the Pages Router.

      Parameters

      Returns Promise<{ expiresAt: number; token: string }>

    • middleware mounts the SDK routes to run as a middleware function.

      Parameters

      • req: NextRequest

      Returns Promise<NextResponse<unknown>>

    • updateSession updates the session of the currently authenticated user. If the user does not have a session, an error is thrown.

      This method can be used in middleware and getServerSideProps, API routes, and middleware in the Pages Router.

      Parameters

      Returns Promise<void>

    • updateSession updates the session of the currently authenticated user. If the user does not have a session, an error is thrown.

      This method can be used in Server Actions and Route Handlers in the App Router.

      Parameters

      Returns Promise<void>

    • Parameters

      • apiRoute: AppRouteHandlerFn | NextApiHandler

      Returns (
          req: NextApiRequest | NextRequest,
          resOrParams: AppRouteHandlerFnContext | NextApiResponse,
      ) => unknown

    Settings

    Member Visibility

    On This Page

    Constructors
    Methods