React Native Auth0 - v5.5.0
    Preparing search index...

    Interface Auth0ContextInterface

    The contract for the value provided by the Auth0Context. This is the interface that developers will interact with when using the useAuth0 hook.

    interface Auth0ContextInterface {
        authorize: (
            parameters?: WebAuthorizeParameters,
            options?: NativeAuthorizeOptions,
        ) => Promise<Credentials>;
        clearSession: (
            parameters?: ClearSessionParameters,
            options?: NativeClearSessionOptions,
        ) => Promise<void>;
        saveCredentials: (credentials: Credentials) => Promise<void>;
        getCredentials: (
            scope?: string,
            minTtl?: number,
            parameters?: Record<string, unknown>,
            forceRefresh?: boolean,
        ) => Promise<Credentials>;
        clearCredentials: () => Promise<void>;
        hasValidCredentials: (minTtl?: number) => Promise<boolean>;
        getApiCredentials(
            audience: string,
            scope?: string,
            minTtl?: number,
            parameters?: Record<string, any>,
        ): Promise<ApiCredentials>;
        clearApiCredentials(audience: string): Promise<void>;
        cancelWebAuth: () => Promise<void>;
        loginWithPasswordRealm: (
            parameters: PasswordRealmParameters,
        ) => Promise<Credentials>;
        createUser: (parameters: CreateUserParameters) => Promise<Partial<User>>;
        resetPassword: (parameters: ResetPasswordParameters) => Promise<void>;
        authorizeWithExchange: (
            parameters: ExchangeParameters,
        ) => Promise<Credentials>;
        authorizeWithExchangeNativeSocial: (
            parameters: ExchangeNativeSocialParameters,
        ) => Promise<Credentials>;
        customTokenExchange: (
            parameters: CustomTokenExchangeParameters,
        ) => Promise<Credentials>;
        sendEmailCode: (parameters: PasswordlessEmailParameters) => Promise<void>;
        authorizeWithEmail: (
            parameters: LoginEmailParameters,
        ) => Promise<Credentials>;
        sendSMSCode: (parameters: PasswordlessSmsParameters) => Promise<void>;
        authorizeWithSMS: (parameters: LoginSmsParameters) => Promise<Credentials>;
        sendMultifactorChallenge: (
            parameters: MfaChallengeParameters,
        ) => Promise<MfaChallengeResponse>;
        authorizeWithOOB: (parameters: LoginOobParameters) => Promise<Credentials>;
        authorizeWithOTP: (parameters: LoginOtpParameters) => Promise<Credentials>;
        authorizeWithRecoveryCode: (
            parameters: LoginRecoveryCodeParameters,
        ) => Promise<Credentials>;
        revokeRefreshToken: (parameters: RevokeOptions) => Promise<void>;
        getDPoPHeaders: (
            params: DPoPHeadersParams,
        ) => Promise<Record<string, string>>;
        getSSOCredentials: (
            parameters?: Record<string, any>,
            headers?: Record<string, string>,
        ) => Promise<SessionTransferCredentials>;
        ssoExchange: (
            parameters: SSOExchangeParameters,
        ) => Promise<SessionTransferCredentials>;
        user: User | null;
        error: AuthError | null;
        isLoading: boolean;
    }

    Hierarchy (View Summary)

    Index

    Methods

    getApiCredentials clearApiCredentials

    Properties

    authorize clearSession saveCredentials getCredentials clearCredentials hasValidCredentials cancelWebAuth loginWithPasswordRealm createUser resetPassword authorizeWithExchange authorizeWithExchangeNativeSocial customTokenExchange sendEmailCode authorizeWithEmail sendSMSCode authorizeWithSMS sendMultifactorChallenge authorizeWithOOB authorizeWithOTP authorizeWithRecoveryCode revokeRefreshToken getDPoPHeaders getSSOCredentials ssoExchange user error isLoading

    Methods

    • Retrieves API-specific credentials.

      Parameters

      • audience: string

        The identifier of the API for which to get credentials.

      • Optionalscope: string

        The scopes to request for the new access token.

      • OptionalminTtl: number

        The minimum time-to-live (in seconds) required for the access token. If the token expires sooner, a refresh will be attempted.

      • Optionalparameters: Record<string, any>

        Additional parameters to send during the token refresh request.

      Returns Promise<ApiCredentials>

      A promise that resolves with the API credentials.

      If credentials cannot be retrieved or refreshed.

    • Removes cached credentials for a specific audience.

      Parameters

      • audience: string

        The identifier of the API for which to clear credentials.

      Returns Promise<void>

      A promise that resolves when the credentials are cleared.

    Properties

    authorize: (
        parameters?: WebAuthorizeParameters,
        options?: NativeAuthorizeOptions,
    ) => Promise<Credentials>

    Initiates the web-based authentication flow.

    Type Declaration

    If the authentication fails.

    clearSession: (
        parameters?: ClearSessionParameters,
        options?: NativeClearSessionOptions,
    ) => Promise<void>

    Clears the user's session and logs them out.

    Type Declaration

    If the logout fails.

    saveCredentials: (credentials: Credentials) => Promise<void>

    Saves the user's credentials.

    Type Declaration

      • (credentials: Credentials): Promise<void>

      • Parameters

        Returns Promise<void>

        A promise that resolves when the credentials have been saved.

    If the save fails.

    getCredentials: (
        scope?: string,
        minTtl?: number,
        parameters?: Record<string, unknown>,
        forceRefresh?: boolean,
    ) => Promise<Credentials>

    Retrieves the stored credentials, refreshing them if necessary.

    Type Declaration

      • (
            scope?: string,
            minTtl?: number,
            parameters?: Record<string, unknown>,
            forceRefresh?: boolean,
        ): Promise<Credentials>

      • Parameters

        • Optionalscope: string

          The scopes to request for the new access token (used during refresh).

        • OptionalminTtl: number

          The minimum time-to-live (in seconds) required for the access token.

        • Optionalparameters: Record<string, unknown>

          Additional parameters to send during the refresh request.

        • OptionalforceRefresh: boolean

          If true, forces a refresh of the credentials.

        Returns Promise<Credentials>

        A promise that resolves with the user's credentials.

    If credentials cannot be retrieved or refreshed.

    clearCredentials: () => Promise<void>

    Clears the user's credentials without clearing their web session and logs them out.

    Type Declaration

      • (): Promise<void>

      • Returns Promise<void>

        A promise that resolves when the credentials have been cleared.

    Platform specific: This method is only available in the context of a Android/iOS application.

    hasValidCredentials: (minTtl?: number) => Promise<boolean>

    Checks if a valid, non-expired set of credentials exists in storage. This is a quick, local check and does not perform a network request.

    Type Declaration

      • (minTtl?: number): Promise<boolean>

      • Parameters

        • OptionalminTtl: number

          The minimum time-to-live (in seconds) required for the access token to be considered valid. Defaults to 0.

        Returns Promise<boolean>

        A promise that resolves with true if valid credentials exist, false otherwise.

    cancelWebAuth: () => Promise<void>

    Cancels the ongoing web authentication process. This works only on iOS. On other platforms, it will resolve without performing an action.

    loginWithPasswordRealm: (
        parameters: PasswordRealmParameters,
    ) => Promise<Credentials>

    Authenticates a user with their username and password.

    Type Declaration

    This method is not supported on the web platform.

    If the authentication fails.

    createUser: (parameters: CreateUserParameters) => Promise<Partial<User>>

    Creates a new user in a database connection.

    Type Declaration

    If the user creation fails.

    resetPassword: (parameters: ResetPasswordParameters) => Promise<void>

    Resets the user's password.

    Type Declaration

    If the reset fails.

    authorizeWithExchange: (parameters: ExchangeParameters) => Promise<Credentials>

    Exchanges an authorization code for tokens. This is useful in advanced scenarios where you manage the code flow manually.

    Type Declaration

    If the exchange fails.

    authorizeWithExchangeNativeSocial: (
        parameters: ExchangeNativeSocialParameters,
    ) => Promise<Credentials>

    Exchanges an authorization code for native social tokens.

    Type Declaration

    If the exchange fails.

    customTokenExchange: (
        parameters: CustomTokenExchangeParameters,
    ) => Promise<Credentials>

    Exchanges an external identity provider token for Auth0 tokens. Uses RFC 8693 OAuth 2.0 Token Exchange specification.

    Type Declaration

    If the token exchange fails.

    const credentials = await customTokenExchange({
      subjectToken: 'external-provider-token',
      subjectTokenType: 'urn:acme:legacy-system-token',
      scope: 'openid profile email',
      audience: 'https://api.example.com',
      organization: 'org_123'
    });
    sendEmailCode: (parameters: PasswordlessEmailParameters) => Promise<void>

    Sends a verification code to the user's email.

    Type Declaration

    If sending the email code fails.

    authorizeWithEmail: (parameters: LoginEmailParameters) => Promise<Credentials>

    Authorizes a user with their email.

    Type Declaration

    If the authorization fails.

    sendSMSCode: (parameters: PasswordlessSmsParameters) => Promise<void>

    /**

    • Sends a verification code to the user's SMS.

    Type Declaration

    If sending the SMS code fails.

    authorizeWithSMS: (parameters: LoginSmsParameters) => Promise<Credentials>

    Authorizes a user with their SMS.

    Type Declaration

    If the authorization fails.

    sendMultifactorChallenge: (
        parameters: MfaChallengeParameters,
    ) => Promise<MfaChallengeResponse>

    Sends a multifactor challenge to the user.

    Type Declaration

    If sending the challenge fails.

    authorizeWithOOB: (parameters: LoginOobParameters) => Promise<Credentials>

    Authorizes a user with out-of-band (OOB) authentication.

    Type Declaration

    If the authorization fails.

    authorizeWithOTP: (parameters: LoginOtpParameters) => Promise<Credentials>

    Authorizes a user with a one-time password (OTP).

    Type Declaration

    If the authorization fails.

    authorizeWithRecoveryCode: (
        parameters: LoginRecoveryCodeParameters,
    ) => Promise<Credentials>

    Authorizes a user with a recovery code.

    Type Declaration

    If the authorization fails.

    revokeRefreshToken: (parameters: RevokeOptions) => Promise<void>
    getDPoPHeaders: (params: DPoPHeadersParams) => Promise<Record<string, string>>

    Generates DPoP headers for making authenticated requests to custom APIs. This method creates the necessary HTTP headers (Authorization and DPoP) to securely bind the access token to a specific API request.

    Type Declaration

      • (params: DPoPHeadersParams): Promise<Record<string, string>>

      • Parameters

        • params: DPoPHeadersParams

          Parameters including the URL, HTTP method, access token, and token type.

        Returns Promise<Record<string, string>>

        A promise that resolves to an object containing the required headers.

    const credentials = await getCredentials();

    if (credentials.tokenType === 'DPoP') {
      const headers = await getDPoPHeaders({
        url: 'https://api.example.com/data',
        method: 'GET',
        accessToken: credentials.accessToken,
        tokenType: credentials.tokenType
      });

      const response = await fetch('https://api.example.com/data', { headers });
    }
    getSSOCredentials: (
        parameters?: Record<string, any>,
        headers?: Record<string, string>,
    ) => Promise<SessionTransferCredentials>

    Obtains session transfer credentials for performing Native to Web SSO.

    Type Declaration

      • (
            parameters?: Record<string, any>,
            headers?: Record<string, string>,
        ): Promise<SessionTransferCredentials>

      • Parameters

        • Optionalparameters: Record<string, any>

          Optional additional parameters to pass to the token exchange.

        • Optionalheaders: Record<string, string>

          Optional additional headers to include in the token exchange request. iOS only - this parameter is ignored on Android.

        Returns Promise<SessionTransferCredentials>

        A promise that resolves with the session transfer credentials.

    This method exchanges the stored refresh token for a session transfer token that can be used to authenticate in web contexts without requiring the user to log in again. The session transfer token can be passed as a cookie or query parameter to the /authorize endpoint to establish a web session.

    Session transfer tokens are short-lived and expire after a few minutes. Once expired, they can no longer be used for web SSO.

    If Refresh Token Rotation is enabled, this method will also update the stored credentials with new tokens (ID token and refresh token) returned from the token exchange.

    Platform specific: This method is only available on native platforms (iOS/Android). On web, it will throw an error.

    // Get session transfer credentials
    const ssoCredentials = await getSSOCredentials();

    // Option 1: Use as a cookie (recommended)
    const cookie = `auth0_session_transfer_token=${ssoCredentials.sessionTransferToken}; path=/; domain=.yourdomain.com; secure; httponly`;
    document.cookie = cookie;
    window.location.href = `https://yourdomain.com/authorize?client_id=${clientId}&...`;

    // Option 2: Use as a query parameter
    const authorizeUrl = `https://yourdomain.com/authorize?session_transfer_token=${ssoCredentials.sessionTransferToken}&client_id=${clientId}&...`;
    window.location.href = authorizeUrl;

    https://auth0.com/docs/authenticate/single-sign-on/native-to-web/configure-implement-native-to-web

    ssoExchange: (
        parameters: SSOExchangeParameters,
    ) => Promise<SessionTransferCredentials>

    Exchanges a refresh token for session transfer credentials via the Authentication API.

    Type Declaration

    This method calls the Auth0 /oauth/token endpoint directly to exchange a refresh token for a session transfer token. Unlike getSSOCredentials() which uses the Credentials Manager, this method is intended for apps that manage their own tokens.

    Platform specific: This method is only available on native platforms (iOS/Android). On web, it will throw an error.

    https://auth0.com/docs/authenticate/single-sign-on/native-to-web/configure-implement-native-to-web

    user: User | null
    error: AuthError | null
    isLoading: boolean

    Settings

    Member Visibility

    On This Page

    Methods
    Properties