Auth0 OpenID Connect

Auth0 OpenID Connect (OIDC) implementation. Separate from the previous Auth0OAuth2 backend, as it builds on the base OIDC backend.

IdP Setup

To configure Auth0:

1. Log into your Auth0 Dashboard

2. Navigate to Applications > Create Application

3. Select Regular Web Applications

4. In the application settings, configure:

   • Allowed Callback URLs: https://your-domain.com/complete/auth0-openidconnect/

   • Allowed Logout URLs: https://your-domain.com/logout/ (if using logout)

   • Allowed Web Origins: https://your-domain.com

5. Note the Domain (e.g., mytenant.auth0.com), Client ID, and Client Secret

Application Configuration

Use the values from your Auth0 application:

SOCIAL_AUTH_AUTH0_OPENIDCONNECT_DOMAIN = 'mytenant.auth0.com'
SOCIAL_AUTH_AUTH0_OPENIDCONNECT_KEY = '<client_id>'
SOCIAL_AUTH_AUTH0_OPENIDCONNECT_SECRET = '<client_secret>'

Scopes

The default scope is ["openid", "profile", "email"]. In order to support refresh tokens/long-lived logins, you may want to add the offline_access scope:

SOCIAL_AUTH_AUTH0_OPENIDCONNECT_SCOPE = 'openid profile email offline_access'