[New plugin] 🔒 Auth0 integration

@vparpoil Do you know if it’s possible to use Auth0 with Italian Government Autentication System (SPID), or European Identity Digital system (EIDA)?
Thanks a lot.

I have no idea about such Auth0 capability. I googled around and found no evidence of such an integration. I guess both system are based on standards (like oauth) and could be implemented in Bubble itself

1 Like

This has been working great for me. The only real issue I have is the processing of the access token when the user is redirected back to Bubble takes an age. It’s quite jarring and can appear like the login has failed.

I’m thinking a possible way to address this would be to show an alert/popup on the first page view if the access_token parameter is present in the URL with some loading text.

Hi Andy,
Thanks for your feedback, I’m happy to know it works well for you :slight_smile:
There is a server side verification that is made at this particular point. Talking between servers can take time due to network latency. In the demo app, you can see how we put a spinner on the button while the operation was running . The editor of the app is open (link on top right corner) if you want to check the implementation of the spinner part.

Great, thanks. The spinner trick is neat I’ll give that a go.

Does you plugin support logging in the user after a password reset? Currently they need to enter their password twice during the reset flow. It would be great if the plugin could also handle this.

This is a great plugin - well done @vparpoil!
One of the key possible benefits for me is the ability to use the Auth0 passwordless login - I have configured it in Auth0 and enabled it for the app I’m using on Bubble, but it doesn’t show on the universal login page (the other social options do) - is this something that you need to enable within the plugin itself?

The main interesting bit for me on this is the ability then for it to use WebAuthn and the device’s own biometric facilities - very cool:

Hi @dos,
Regarding paswordless, I think it’s doable, I previously helped one bubbler to set it up but I don’t know if it worked at the end.

I think you need to do an extra setup in Auth0, here is the setup they recommend :

  1. Go to Dashboard > Universal Login and click the Login tab.
  2. Enable the Custom Login Page toggle, and select the Lock (passwordless) template. The HTML template will update with code using the Lock widget with passwordless customization options.
  3. Customize the template, and click Save Changes. You can use HTML and CSS to customize the login form. To learn more about how to customize the Lock (passwordless) template, see Auth0 Lock widget with Passwordless mode. You can preview customization changes. Make sure to select the correct application for which you want to preview the login page.

Here is a printscreen:

Please let me know if this works, indeed webauthn with the biometrics looks very cool !

Hi @andy25,
I don’t think auto login after a password reset is doable with Auth0. I read some docs on their website but it doesn’t looks like that this use case is available.
It looks like you can build your own reset password form in bubble and call the Auth0 management API to update the password, but it doesn’t seem ideal

We had the need of an ADFS authentication within bubble, we then tested this plugin, and contacted @vparpoil for an assistance … at the end the plugin is very efficient and the answer and reactivity to help our issue (one aspect was not yet developped into the plugin) has been incredibly quick and efficient !!
Thank you Victor for this new version !!

1 Like

Hi Victor,
Thank you for the Auth0 plugin. I have the following scenario to achieve user authentication with OIDC SSO protocol .
A set of users in the application would be required to authenticate with our IAM solution using the OpenIDConnect protocol to enable SSO. The JWT token has the necessary roles and permission details to grant the page access.

The remaining users will access the application using the existing [bubble.io]user management model to authenticate.

Could you confirm the auth0 provider supports the requirement?

Hi @kiran_kumar_somisett ,
Have you already connected Auth0 to your OIDC flow as an application ? If so, it will work with the plugin for this set of users.
To enable the second set of users to login with the bubble user management system, you need another user interface (UI) that doesn’t use the plugin and Auth0 to login. If you want to use the same UI, you need to use Auth0 login/password database as a connection for your app.

Feel free to email / DM me directly if more help is needed (I’m more responsive to emails (here is our page on bubble)

[Edit] I just saw your other post, so I understand you have a custom OIDC compliant system.

Here is the link to the Auth0 connexion : Connect to OpenID Connect Identity Provider

Please follow the steps to get it setup with Auth0, then the connexion should work with the plugin. Important : please use a generic name like oidc at step 2 because it will be the logical identifier for the connexion, and then I will be able to provide you with an update of the plugin allowing direct connexion with oidc client (and thus, your users will skip the Auth0 login page and go directly to yours, which is a better UX)

Keep me posted !

Thank you. I will take a look. I am new to bubble.io and Auth0. Is there a way i can have a call with technical team to discuss on the solution.

Sorry, but we don’t provide support by call. Don’t hesitate to email if needed.

Hi there,
New customer here. I plugged in auth0 and looks great. However, I wish I could use the metadata of auth0 users to handle role & permissions. Any chance I can do this through this plugin ?
If not, any suggestion ?
Tks a lot

Hi @vparpoil

This looks like a great plugin, very impressive!

It looks like it goes through auth0.com my plan is to use this plugin to enable my users to be able to give my bubble application authorization to read write, update and post on their social media accounts on their behalf (they could use my app to manage their social media and schedule posts).

I would also be using the Advanced use to collect users access_token that one can use to identify against the identity provider API (i.e.: twitter, facebook, etc)

The free plan say’s 7,000 active users and unlimited logins.

    1. Are there any hidden fee’s for my use case above (api calls, requests per minute, etc…)?

I can see the paid plan mentions 5 Actions, Rules, Hooks.

    1. What are these and would my use case be affected by these?

I appreciate any information you can provide!

Thank You.

Hi @luminrabbit ,
I actually never reached the limits of Auth0 free plan because I don’t create apps with a very large number of users. I think the free plan will be enough for your use case, I don’t see limits that could apply to you.

Actions, Rules, Hooks are internals for Auth0 to add some more mechanisms at login. I don’t think you will need much of those, see more details :

  • actions : Action Use Cases
  • hooks are triggers you can enable upon login or signup : like get a slack notification for new users, or create the user in your email marketing tool. I think you can manage hooks in your bubble app
  • rules : Rule Use Cases
1 Like

Hi @vparpoil

Thank you so much for getting back to me its greatly appreciated! Thank you for the links as well and taking the time to respond :slight_smile:

Thank You.

1 Like

Hi, @vparpoil

I just subscribed your plugin and started to use, but I wonder if I can have Password-less login via auth0 and later connect to Discord account so that the user can post messages to channels. I want to keep the signup/login process quite simple: Password-less login and nothing else. But I want my users be able to connect to their social accounts as many as they want only after the login process.

Hi @vparpoil ,

Thanks for the great plugin. It seems promising.

I have successfully enabled Password-less login along with your plugin.
Regarding the workflow Do when This url contains access_token, I see new entries are created every time the user login. Is this normal? Is that because I chose Password-less login in which signup and login process has identical ux/ui?

I want my users be able to connect to their SNS so that they can post messages and so on from my app. To make it simpler, I have a password-less signup/login implemented and it works great.

So, I used Auth0 -get social access token as follows.

So far I get nothing in return by clicking the button. What am doing wrong? I am also lost what to do next. Could you please help me out with this? If you can show a working example in the demo-editor, that would be great appreciated. Thank you so much!