Auth0 SDK for React Applications.
@auth0/auth0-react is in Early Access in order to get feedback to shape its design. That means:
- It is under active development so breaking changes are expected and we will do our best to communicate them.
- This is a private preview to Auth0 employees only.
- The library is not published onto npm.
- Feedback is actively solicited with the SDKs team.
- Full reviews and an audit of the library have not been completed.
- Installation
- Getting Started
- Other Use Cases
- Contributing
- Support + Feedback
- Vulnerability Reporting
- What is Auth0
- License
For Early Access, download the binary from the releases page: auth0-auth0-react-0.3.1.tgz.
Then install it from the folder you downloaded it to:
npm install ~/Downloads/auth0-auth0-react-0.3.1.tgzConfigure the SDK by wrapping your application in Auth0Provider:
// src/index.js
import React from 'react';
import ReactDOM from 'react-dom';
import { Auth0Provider } from '@auth0/auth0-react';
import App from './App';
ReactDOM.render(
<Auth0Provider
domain="YOUR_AUTH0_DOMAIN"
clientId="YOUR_AUTH0_CLIENT_ID"
redirectUri={window.location.origin}
>
<App />
</Auth0Provider>,
document.getElementById('app')
);Use the useAuth0 hook in your components to access authentication state (isLoading, isAuthenticated and user) and authentication methods (loginWithRedirect and logout):
// src/App.js
import React from 'react';
import { useAuth0 } from '@auth0/auth0-react';
function App() {
const {
isLoading,
isAuthenticated,
error,
user,
loginWithRedirect,
logout,
} = useAuth0();
if (isLoading) {
return <div>Loading...</div>;
}
if (error) {
return <div>Oops... {error.message}</div>;
}
if (isAuthenticated) {
return (
<div>
Hello {user.name} <button onClick={logout}>Log out</button>
</div>
);
} else {
return <button onClick={loginWithRedirect}>Log in</button>;
}
}
export default App;Use the withAuth0 higher order component to add the auth0 property to Class components:
import React, { Component } from 'react';
import { withAuth0 } from '@auth0/auth0-react';
class Profile extends Component {
render() {
const { user } = this.props.auth0;
return <div>Hello {user.name}</div>;
}
}
export default withAuth0(Profile);Protect a route component using the withAuthenticationRequired higher order component. Visits to this route when unauthenticated will redirect the user to the login page and back to this page after login:
import React from 'react';
import { withAuthenticationRequired } from '@auth0/auth0-react';
// Show a message while the user waits to be redirected to the login page.
const Redirecting = () => <div>Redirecting you to the login page...</div>;
const PrivateRoute = () => <div>Private</div>;
export default withAuthenticationRequired(PrivateRoute, Redirecting);Use a protected API with an Access Token:
import React, { useEffect, useState } from 'react';
import { useAuth0 } from '@auth0/auth0-react';
const Posts = () => {
const { getAccessTokenSilently } = useAuth0();
const [posts, setPosts] = useState(null);
useEffect(() => {
(async () => {
const token = await getAccessTokenSilently({
audience: 'https://api.example.com/',
scope: 'read:posts',
});
const response = await fetch('https://api.example.com/posts', {
headers: {
Authorization: `Bearer ${token}`,
},
});
setPosts(await response.json());
})();
}, [getAccessTokenSilently]);
if (!posts) {
return <div>Loading...</div>;
}
return (
<ul>
{posts.map((post, index) => {
return <li key={index}>{post}</li>;
})}
</ul>
);
};
export default Posts;See more examples in EXAMPLES.md
We appreciate feedback and contribution to this repo! Before you get started, please see the following:
For support or to provide feedback, please raise an issue on our issue tracker.
Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
Auth0 helps you to easily:
- Implement authentication with multiple identity providers, including social (e.g., Google, Facebook, Microsoft, LinkedIn, GitHub, Twitter, etc), or enterprise (e.g., Windows Azure AD, Google Apps, Active Directory, ADFS, SAML, etc.)
- Log in users with username/password databases, passwordless, or multi-factor authentication
- Link multiple user accounts together
- Generate signed JSON Web Tokens to authorize your API calls and flow the user identity securely
- Access demographics and analytics detailing how, when, and where users are logging in
- Enrich user profiles from other data sources using customizable JavaScript rules
This project is licensed under the MIT license. See the LICENSE file for more info.