This sample demonstrates how to make secure calls to an API after authenticating a user with Auth0. The calls to the API are made with the user's access_token. The sample uses the Angular CLI.
If you haven't already done so, sign up for your free Auth0 account and create a new client in the dashboard. Find the domain and client ID from the settings area and add the URL for your application to the Allowed Callback URLs box. If you are using the server provided by the Angular CLI, that URL is http://localhost:4200.
You must ensure that the APIs section is enabled in your Auth0 dashboard. To do so, go to the Advanced Settings area and verify that Enable APIs Section is switched on. Next, navigate to APIs in the sidebar and create a new API. The identifier for your API will be required later.
Clone the repo or download it from the Angular quickstart page in Auth0's documentation. Install the Angular CLI and the dependencies for the app.
npm install -g @angular/cli
cd 03-Calling-API
npm installIf you download the sample from the quickstart page, it will come pre-populated with the client ID and domain for your application. If you clone the repo directly from Github, rename the auth0-variables.ts.example file to auth0-variables.ts and provide the client ID and domain there. This file is located in src/app/auth/.
You should also provide the identifier for the API you create in the Auth0 dashboard as your apiUrl.
In addition to the above-mentioned auth0-variables.ts file, a .env file is provided at the root of the application. This file provides your application's credentials to the small Node server located in server.js.
This file has two values, AUTH0_AUDIENCE and AUTH0_DOMAIN. If you download this sample from the quickstart page, the value for AUTH0_DOMAIN will be populated automatically, but you will still need to populate AUTH0_AUDIENCE manually. The value for AUTH0_AUDIENCE is the identifier used for an API that you create in the Auth0 dashboard.
The development server that comes with the Angular CLI can be used to serve the application.
npm startThe application will be served at http://localhost:4200.
Auth0 helps you to:
- Add authentication with multiple authentication sources, either social like Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, amont others, or enterprise identity systems like Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider.
- Add authentication through more traditional username/password databases.
- Add support for linking different user accounts with the same user.
- Support for generating signed Json Web Tokens to call your APIs and flow the user identity securely.
- Analytics of how, when and where users are logging in.
- Pull data from other sources and add it to the user profile, through JavaScript rules.
- Go to Auth0 and click Sign Up.
- Use Google, GitHub or Microsoft Account to login.
If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
This project is licensed under the MIT license. See the LICENSE file for more info.