The simplest way to use the SDK is to use the named exports (HandleAuth, HandleLogin,
HandleLogout, HandleCallback, HandleProfile, GetSession, GetAccessToken,
WithApiAuthRequired, and WithPageAuthRequired).
If you don't want to configure the SDK with environment variables or you want more fine grained control over the
instance, you can create an instance yourself and use the handlers and helpers from that.
First, export your configured instance from another module:
IMPORTANT If you use InitAuth0, you should not use the other named exports as they will use a different
instance of the SDK. Also note - this is for the server side part of the SDK - you will always use named exports for
the front end components: UserProvider, UseUser and the
front end version of WithPageAuthRequired
Configuration properties.
The Server part of the SDK can be configured in 2 ways.
1. Environment Variables
The simplest way to use the SDK is to use the named exports (HandleAuth, HandleLogin, HandleLogout, HandleCallback, HandleProfile, GetSession, GetAccessToken, WithApiAuthRequired, and WithPageAuthRequired).
When you use these named exports, an instance of the SDK is created for you which you can configure using environment variables:
Required
AUTH0_SECRET: See BaseConfig.secret.AUTH0_ISSUER_BASE_URL: See BaseConfig.issuerBaseURL.AUTH0_BASE_URL: See BaseConfig.baseURL.AUTH0_CLIENT_ID: See BaseConfig.clientID.AUTH0_CLIENT_SECRET: See BaseConfig.clientSecret.Optional
AUTH0_CLOCK_TOLERANCE: See BaseConfig.clockTolerance.AUTH0_HTTP_TIMEOUT: See BaseConfig.httpTimeout.AUTH0_ENABLE_TELEMETRY: See BaseConfig.enableTelemetry.AUTH0_IDP_LOGOUT: See BaseConfig.idpLogout.AUTH0_ID_TOKEN_SIGNING_ALG: See BaseConfig.idTokenSigningAlg.AUTH0_LEGACY_SAME_SITE_COOKIE: See BaseConfig.legacySameSiteCookie.AUTH0_IDENTITY_CLAIM_FILTER: See BaseConfig.identityClaimFilter.NEXT_PUBLIC_AUTH0_LOGIN: See NextConfig.routes.AUTH0_CALLBACK: See BaseConfig.routes.AUTH0_POST_LOGOUT_REDIRECT: See BaseConfig.routes.AUTH0_AUDIENCE: See BaseConfig.authorizationParams.AUTH0_SCOPE: See BaseConfig.authorizationParams.AUTH0_ORGANIZATION: See NextConfig.organization.AUTH0_SESSION_NAME: See SessionConfig.name.AUTH0_SESSION_ROLLING: See SessionConfig.rolling.AUTH0_SESSION_ROLLING_DURATION: See SessionConfig.rollingDuration.AUTH0_SESSION_ABSOLUTE_DURATION: See SessionConfig.absoluteDuration.AUTH0_SESSION_AUTO_SAVE: See SessionConfig.autoSave.AUTH0_COOKIE_DOMAIN: See CookieConfig.domain.AUTH0_COOKIE_PATH: See CookieConfig.path.AUTH0_COOKIE_TRANSIENT: See CookieConfig.transient.AUTH0_COOKIE_HTTP_ONLY: See CookieConfig.httpOnly.AUTH0_COOKIE_SECURE: See CookieConfig.secure.AUTH0_COOKIE_SAME_SITE: See CookieConfig.sameSite.AUTH0_CLIENT_ASSERTION_SIGNING_KEY: See BaseConfig.clientAssertionSigningKeyAUTH0_CLIENT_ASSERTION_SIGNING_ALG: See BaseConfig.clientAssertionSigningAlgAUTH0_TRANSACTION_COOKIE_NAMESee BaseConfig.transactionCookieAUTH0_TRANSACTION_COOKIE_DOMAINSee BaseConfig.transactionCookieAUTH0_TRANSACTION_COOKIE_PATHSee BaseConfig.transactionCookieAUTH0_TRANSACTION_COOKIE_SAME_SITESee BaseConfig.transactionCookieAUTH0_TRANSACTION_COOKIE_SECURESee BaseConfig.transactionCookie2. Create your own instance using InitAuth0
If you don't want to configure the SDK with environment variables or you want more fine grained control over the instance, you can create an instance yourself and use the handlers and helpers from that.
First, export your configured instance from another module:
Then import it into your route handler:
IMPORTANT If you use InitAuth0, you should not use the other named exports as they will use a different instance of the SDK. Also note - this is for the server side part of the SDK - you will always use named exports for the front end components: UserProvider, UseUser and the front end version of WithPageAuthRequired