Class Auth

ReadonlyclientId

Readonlydomain

authorizeUrl

• authorizeUrl(parameters: AuthorizeUrlOptions): string

  Builds the full authorize endpoint url in the Authorization Server (AS) with given parameters.

  Parameters

  • parameters: AuthorizeUrlOptions

  Returns string

  A URL to the authorize endpoint with specified parameters to redirect to for AuthZ/AuthN.

  See

  https://auth0.com/docs/api/authentication#authorize-client

createUser

• createUser(parameters: CreateUserOptions): Promise<Partial<User>>

  Creates a new user using the options provided.

  Parameters

  • parameters: CreateUserOptions

  Returns Promise<Partial<User>>

  An instance of <a href="../types/User.html" class="tsd-kind-type-alias">User</a>.

exchange

• exchange(parameters: ExchangeOptions): Promise<Credentials>

  Exchanges a code obtained via /authorize (w/PKCE) for the user's tokens

  Parameters

  • parameters: ExchangeOptions

  Returns Promise<Credentials>

  A prominse for a populated instance of <a href="../types/Credentials.html" class="tsd-kind-type-alias">Credentials</a>.

  See

  https://auth0.com/docs/api-auth/grant/authorization-code-pkce

exchangeNativeSocial

• exchangeNativeSocial(
      parameters: ExchangeNativeSocialOptions,
  ): Promise<Credentials>

  Exchanges an external token obtained via a native social authentication solution for the user's tokens

  Parameters

  • parameters: ExchangeNativeSocialOptions

  Returns Promise<Credentials>

  A populated instance of <a href="../types/Credentials.html" class="tsd-kind-type-alias">Credentials</a>.

  See

  https://auth0.com/docs/api/authentication#token-exchange-for-native-social

loginWithEmail

• loginWithEmail(parameters: LoginWithEmailOptions): Promise<Credentials>

  Completes the Passworldess authentication with an email connection that was started using <a href="#passwordlesswithemail" class="tsd-kind-method">passwordlessWithEmail</a>.

  Parameters

  • parameters: LoginWithEmailOptions

  Returns Promise<Credentials>

  A populated instance of <a href="../types/Credentials.html" class="tsd-kind-type-alias">Credentials</a>.

loginWithOOB

• loginWithOOB(parameters: LoginWithOOBOptions): Promise<Credentials>

  Log in a user using an Out Of Band authentication code after they have received the 'mfa_required' error. The MFA token tells the server the username or email, password, and realm values sent on the first request.

  Requires your client to have the MFA OOB Grant Type enabled. See Client Grant Types to learn how to enable it.

  Parameters

  • parameters: LoginWithOOBOptions

  Returns Promise<Credentials>

  A populated instance of <a href="../types/Credentials.html" class="tsd-kind-type-alias">Credentials</a>.

loginWithOTP

• loginWithOTP(parameters: LoginWithOTPOptions): Promise<Credentials>

  Log in a user using the One Time Password code after they have received the 'mfa_required' error. The MFA token tells the server the username or email, password, and realm values sent on the first request.

  Requires your client to have the MFA OTP Grant Type enabled. See Client Grant Types to learn how to enable it.

  Parameters

  • parameters: LoginWithOTPOptions

  Returns Promise<Credentials>

  A populated instance of <a href="../types/Credentials.html" class="tsd-kind-type-alias">Credentials</a>.

loginWithRecoveryCode

• loginWithRecoveryCode(
      parameters: LoginWithRecoveryCodeOptions,
  ): Promise<Credentials>

  Log in a user using a multi-factor authentication Recovery Code after they have received the 'mfa_required' error. The MFA token tells the server the username or email, password, and realm values sent on the first request.

  Requires your client to have the MFA Grant Type enabled. See Client Grant Types to learn how to enable it.

  Parameters

  • parameters: LoginWithRecoveryCodeOptions

  Returns Promise<Credentials>

  A populated instance of <a href="../types/Credentials.html" class="tsd-kind-type-alias">Credentials</a>.

loginWithSMS

• loginWithSMS(parameters: LoginWithSMSOptions): Promise<Credentials>

  Completes the Passworldess authentication with an SMS connection that was started using <a href="#passwordlesswithsms" class="tsd-kind-method">passwordlessWithSMS</a>.

  Parameters

  • parameters: LoginWithSMSOptions

  Returns Promise<Credentials>

  A populated instance of <a href="../types/Credentials.html" class="tsd-kind-type-alias">Credentials</a>.

logoutUrl

• logoutUrl(parameters: LogoutUrlOptions): string

  Builds the full logout endpoint url in the Authorization Server (AS) with given parameters.

  Parameters

  • parameters: LogoutUrlOptions

  Returns string

  A URL to the logout endpoint with specified parameters

  See

  https://auth0.com/docs/api/authentication#logout

multifactorChallenge

• multifactorChallenge(
      parameters: MultifactorChallengeOptions,
  ): Promise<MultifactorChallengeResponse>

  Request a challenge for multi-factor authentication (MFA) based on the challenge types supported by the application and user. The challenge type is how the user will get the challenge and prove possession. Supported challenge types include: "otp" and "oob".

  Parameters

  • parameters: MultifactorChallengeOptions

  Returns Promise<MultifactorChallengeResponse>

  <a href="../types/MultifactorChallengeOTPResponse.html" class="tsd-kind-type-alias">MultifactorChallengeOTPResponse</a>, <a href="../types/MultifactorChallengeOOBResponse.html" class="tsd-kind-type-alias">MultifactorChallengeOOBResponse</a>, or <a href="../types/MultifactorChallengeOOBWithBindingResponse.html" class="tsd-kind-type-alias">MultifactorChallengeOOBWithBindingResponse</a> depending on the challenge type.

passwordlessWithEmail

• passwordlessWithEmail(parameters: PasswordlessWithEmailOptions): Promise<void>

  Starts the Passworldess flow with an email connection.

  This should be completed later using a call to <a href="#loginwithemail" class="tsd-kind-method">loginWithEmail</a>, passing the OTP that was sent to the user.

  Parameters

  • parameters: PasswordlessWithEmailOptions

  Returns Promise<void>

passwordlessWithSMS

• passwordlessWithSMS(parameters: PasswordlessWithSMSOptions): Promise<void>

  Starts the Passwordless flow with an SMS connection.

  This should be completed later using a call to <a href="#loginwithsms" class="tsd-kind-method">loginWithSMS</a>, passing the OTP that was sent to the user.

  Parameters

  • parameters: PasswordlessWithSMSOptions

  Returns Promise<void>

passwordRealm

• passwordRealm(parameters: PasswordRealmOptions): Promise<Credentials>

  Performs Auth with user credentials using the Password Realm Grant

  Parameters

  • parameters: PasswordRealmOptions

  Returns Promise<Credentials>

  A populated instance of <a href="../types/Credentials.html" class="tsd-kind-type-alias">Credentials</a>.

  See

  https://auth0.com/docs/api-auth/grant/password#realm-support

refreshToken

• refreshToken(parameters: RefreshTokenOptions): Promise<Credentials>

  Obtain new tokens using the Refresh Token obtained during Auth (requesting offline_access scope)

  Parameters

  • parameters: RefreshTokenOptions

  Returns Promise<Credentials>

  A populated instance of <a href="../types/Credentials.html" class="tsd-kind-type-alias">Credentials</a>.

  See

  https://auth0.com/docs/tokens/refresh-token/current#use-a-refresh-token

resetPassword

• resetPassword(parameters: ResetPasswordOptions): Promise<void>

  Request an email with instructions to change password of a user

  Parameters

  • parameters: ResetPasswordOptions

  Returns Promise<void>

revoke

• revoke(parameters: RevokeOptions): Promise<void>

  Revoke an issued refresh token

  Parameters

  • parameters: RevokeOptions

  Returns Promise<void>

userInfo

• userInfo(parameters: UserInfoOptions): Promise<User>

  Return user information using an access token

  Parameters

  • parameters: UserInfoOptions

  Returns Promise<User>

  The user's profile information.