Optional
auth0
URL parameters used when redirecting users to the authorization server to log in.
If this property is not provided by your application, its default values will be:
{
  response_type: 'code',
  scope: 'openid profile email'
}
New values can be passed in to change what is returned from the authorization server depending on your specific scenario. Additional custom parameters can be added as well.
Note: You must provide the required parameters if this object is set.
{
  response_type: 'code',
  scope: 'openid profile email',
  // Additional parameters
  acr_value: 'tenant:test-tenant',
  custom_param: 'custom-value'
};
The root URL for the application router, for example https://localhost.
You can also use the AUTH0_BASE_URL environment variable.
If you provide a domain, we will prefix it with https://. This can be useful when assigning it to VERCEL_URL for Vercel deploys.
NEXT_PUBLIC_AUTH0_BASE_URL will also be checked if AUTH0_BASE_URL is not defined.
Optional
client
The algorithm to sign the client assertion JWT.
Uses one of token_endpoint_auth_signing_alg_values_supported if not specified.
If the Authorization Server discovery document does not list token_endpoint_auth_signing_alg_values_supported, this property will be required.
You can also use the AUTH0_CLIENT_ASSERTION_SIGNING_ALG environment variable.
Optional
client
Private key for use with private_key_jwt clients.
This should be a string that is the contents of a PEM file.
You can also use the AUTH0_CLIENT_ASSERTION_SIGNING_KEY environment variable.
The Client ID for your application.
You can also use the AUTH0_CLIENT_ID environment variable.
Optional
client
The Client Secret for your application.
Required when requesting access tokens.
You can also use the AUTH0_CLIENT_SECRET environment variable.
Integer value for the system clock's tolerance (leeway) in seconds for ID token verification. Defaults to 60 seconds.
You can also use the AUTH0_CLOCK_TOLERANCE environment variable.
Boolean value to opt out of sending the library and node version to your authorization server via the Auth0-Client header. Defaults to true.
You can also use the AUTH0_ENABLE_TELEMETRY environment variable.
Function that returns an object with URL-safe state values for login. Used for passing custom state parameters to your authorization server. Can also be passed in to HandleLogin.
{
  ...
  getLoginState(req, options) {
    return {
      returnTo: options.returnTo || req.originalUrl,
      customState: 'foo'
    };
  }
}
Integer value for the HTTP timeout in milliseconds for authentication requests.
Defaults to 5000 ms.
You can also use the AUTH0_HTTP_TIMEOUT environment variable.
String value for the expected ID token algorithm. Defaults to 'RS256'.
You can also use the AUTH0_ID_TOKEN_SIGNING_ALG environment variable.
Array value of claims to remove from the ID token before storing the cookie session.
Defaults to ['aud', 'iss', 'iat', 'exp', 'nbf', 'nonce', 'azp', 'auth_time', 's_hash', 'at_hash', 'c_hash'].
You can also use the AUTH0_IDENTITY_CLAIM_FILTER environment variable.
Boolean value to log the user out from the identity provider on application logout. Defaults to true.
You can also use the AUTH0_IDP_LOGOUT environment variable.
REQUIRED The root URL for the token issuer with no trailing slash.
This is https:// plus your Auth0 domain.
You can also use the AUTH0_ISSUER_BASE_URL environment variable.
Set a fallback cookie with no SameSite attribute when response_mode is form_post.
The default response_mode for this SDK is query, so this defaults to false.
You can also use the AUTH0_LEGACY_SAME_SITE_COOKIE environment variable.
Boolean value to automatically install the login and logout routes.
Relative path to the application callback to process the response from the authorization server.
Defaults to /api/auth/callback.
You can also use the AUTH0_CALLBACK environment variable.
Either a relative path to the application or a valid URI to an external domain.
This value must be registered on the authorization server.
The user will be redirected to this after a logout has been performed.
You can also use the AUTH0_POST_LOGOUT_REDIRECT environment variable.
The secret(s) used to derive an encryption key for the user identity in a session cookie and to sign the transient cookies used by the login callback.
Provide a single string secret, but if you want to rotate the secret you can provide an array putting the new secret first.
You can also use the AUTH0_SECRET environment variable.
Object defining application session cookie attributes.
Boolean value to enable Auth0's proprietary logout feature. Since this SDK is for Auth0, it's set to true by default. Set it to false if you don't want to use https://auth0.com/docs/api/authentication#logout.
You can also use the AUTH0_LOGOUT environment variable.
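
A pre-deployment check for the environment variables described on this page, as an added example that is not part of the SDK or its documentation. The helper name checkAuth0Env, its messages and the sample values are assumptions made for illustration; the rules it applies to client authentication and to the 'none' algorithm are labelled as assumptions in the comments.

```javascript
// Added example, not SDK code. checkAuth0Env is a hypothetical helper name.
function checkAuth0Env(env) {
  const problems = [];
  const has = (k) => typeof env[k] === 'string' && env[k].trim() !== '';

  // Issuer: required, https:// plus the Auth0 domain, no trailing slash.
  if (!has('AUTH0_ISSUER_BASE_URL')) {
    problems.push('AUTH0_ISSUER_BASE_URL is required');
  } else {
    const issuer = env.AUTH0_ISSUER_BASE_URL.trim();
    if (!issuer.startsWith('https://')) problems.push('AUTH0_ISSUER_BASE_URL must start with https://');
    if (issuer.endsWith('/')) problems.push('AUTH0_ISSUER_BASE_URL must not end with a slash');
  }

  // NEXT_PUBLIC_AUTH0_BASE_URL is checked when AUTH0_BASE_URL is not defined.
  if (!has('AUTH0_BASE_URL') && !has('NEXT_PUBLIC_AUTH0_BASE_URL')) {
    problems.push('AUTH0_BASE_URL is not set');
  }
  if (!has('AUTH0_CLIENT_ID')) problems.push('AUTH0_CLIENT_ID is not set');
  if (!has('AUTH0_SECRET')) problems.push('AUTH0_SECRET is not set');
  // Client authentication: a client secret, or a private_key_jwt key supplied
  // as the contents of a PEM file (a file path here is a common mistake).
  if (has('AUTH0_CLIENT_ASSERTION_SIGNING_KEY')) {
    if (!env.AUTH0_CLIENT_ASSERTION_SIGNING_KEY.includes('-----BEGIN')) {
      problems.push('AUTH0_CLIENT_ASSERTION_SIGNING_KEY must be PEM contents, not a path');
    }
  } else if (!has('AUTH0_CLIENT_SECRET')) {
    // Assumption: the default response_type 'code' needs client authentication.
    problems.push('set AUTH0_CLIENT_SECRET or AUTH0_CLIENT_ASSERTION_SIGNING_KEY');
  }
  // Clock tolerance is an integer number of seconds (default 60).
  if (has('AUTH0_CLOCK_TOLERANCE') && !/^\d+$/.test(env.AUTH0_CLOCK_TOLERANCE.trim())) {
    problems.push('AUTH0_CLOCK_TOLERANCE must be a non-negative integer');
  }
  // Assumption: 'none' is never acceptable as the expected ID token algorithm.
  if (has('AUTH0_ID_TOKEN_SIGNING_ALG') && env.AUTH0_ID_TOKEN_SIGNING_ALG.trim().toLowerCase() === 'none') {
    problems.push("AUTH0_ID_TOKEN_SIGNING_ALG must not be 'none'");
  }
  return problems;
}

// Constructed sample with placeholder values, not real credentials.
const sampleEnv = {
  AUTH0_ISSUER_BASE_URL: 'https://tenant.example/',
  AUTH0_CLIENT_ID: 'placeholder-client-id',
  AUTH0_SECRET: 'placeholder-long-random-value',
  AUTH0_CLOCK_TOLERANCE: '60s'
};
```

Calling checkAuth0Env(process.env) at startup or in CI returns an array of messages; an empty array means none of these checks failed.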