Class Auth0Connect

java.lang.Object
com.codename1.social.Login
com.codename1.social.Auth0Connect
public final class Auth0Connect extends Login

Sign-in via an Auth0 tenant. Auth0 is a fully OpenID-Connect compliant provider so this class is a very thin convenience over OidcClient -- it just builds the issuer URL from the tenant domain and configures sensible defaults.

Auth0Connect.getInstance()
    .withDomain("dev-xyz.us.auth0.com")
    .signIn(
        "YOUR_AUTH0_CLIENT_ID",
        "com.example.app:/oauth2redirect",
        "openid", "email", "profile")
    .ready(new SuccessCallback<OidcTokens>() { ... });

To request an Auth0 audience (so the access token can be used against your custom API) pass it via withAudience(String) before calling signIn(String, String, String...).

Since:
7.0.245

  • Method Details

    • getInstance

      public static Auth0Connect getInstance()

    • withDomain

      public Auth0Connect withDomain(String domain)
      Auth0 tenant domain (e.g. "dev-xyz.us.auth0.com"). Do not include the protocol -- it is always https://.

    • withAudience

      public Auth0Connect withAudience(String audience)
      Optional audience parameter for API authorization. When set, the access token issued by Auth0 will be a JWT valid against your API identifier instead of the default opaque token.

    • getDomain

      public String getDomain()

    • getAudience

      public String getAudience()

    • isNativeLoginSupported

      public boolean isNativeLoginSupported()
      Description copied from class: Login

      Returns true if this service supports native login. If implementation returns true here, the nativelogin, nativelogout, nativeIsLoggedIn should be implemented

      Returns

      true if the service supports native login

      Specified by:
      isNativeLoginSupported in class Login

    • validateToken

      protected boolean validateToken(String token)
      Description copied from class: Login

      Returns true if the previous granted access token is still valid otherwise false.

      Parameters
      • token: the access token to check
      Returns

      true of the token is valid

      Specified by:
      validateToken in class Login

    • signInWithPasskey

      public AsyncResource<OidcTokens> signInWithPasskey(String clientId, String realm, String... scopes)

      Signs the user in with an existing passkey via Auth0's WebAuthn grant. Routes through Auth0's /passkey/challenge + /oauth/token endpoints (grant_type=urn:okta:params:oauth:grant-type:webauthn).

      Requires the Auth0 tenant to have Passkeys enabled and the application to have the WebAuthn grant type allowed. The user must already have at least one passkey enrolled (use the standard signIn flow first and have the user enroll via Auth0's hosted page, or call registerPasskey(String, String, String, String, String...) for a new account).

      realm is the Auth0 Connection name (most often "Username-Password-Authentication").

      Available iOS 16+ and Android API 28+ via the system passkey providers. Fails fast with WebAuthnException.NOT_IMPLEMENTED on platforms that don't have a WebAuthn implementation.

      Since:
      7.0.245

    • registerPasskey

      public AsyncResource<OidcTokens> registerPasskey(String clientId, String realm, String email, String displayName, String... scopes)

      Enrolls a brand-new passkey credential for the given Auth0 user. The account is created on first registration (if the connection allows signup), or attached to an existing passwordless account by email.

      The flow is:

      1. POST /passkey/register with client_id, realm, user_profile. Response includes registration options.
      2. Run WebAuthnClient.create(PublicKeyCredentialCreationOptions) with those options.
      3. POST /oauth/token to swap the authenticator response for tokens.
      Since:
      7.0.245

    • signIn

      public AsyncResource<OidcTokens> signIn(String clientId, String redirectUri, String... scopes)