I am currently developing a mobile app in react native and using Auth0 for user management. I am using my own login, signup and forgot password screens instead of their lock widget. I was able to implement passwordless sms and email by calling their authentication api as well as account linking by using their management api. However, I am having difficulty authenticating in a user with their email and password through the api once they already have an account. It seems to me that there should be a single endpoint for this in which you include the email and password in the body of the request. I was wondering if anyone could help me understand how to simply login users using auth0's api. Thanks in advance.
Take a look at this react native (embedded login custom UI) sample (slightly dated) - wrote it around 6 months ago, but it should offer you good insights - https://github.com/auth0-samples/react-native-embedded-login
Sign in logic is here
Feel free to leave questions below.
For anyone who is still looking there is this step by step on their website on how to login with password via API: https://auth0.com/docs/get-started/authentication-and-authorization-flow/call-your-api-using-resource-owner-password-flow
And with this endpoint you can register a new account: https://auth0.com/docs/api/authentication#signup
Related
I'm working currently on the implementation of social login using react-native and aws cognito. For now, it's working well (with or without amplify), but the issue is that I have to open a webview using the cognito hosted UI, which redirect directly to Google / Facebook / Apple. So basically, when the user click on the google signin button, there is a messagethis kind of message "myapp wants to open amazoncognito to connect...". As a user experience, it is quite mediocre, so I am wondering if it is possible to implement a different signin flow so not to redirect to an external url.
I have tried the implemntation with react-native-google-signin, but in that case, I have to use aws federated identities instead of my user pool (typically, the gogole signin retrieve an id token that can be pass to cognito federated identities). So I do not really like that solution...
I don't know exactly the process of signing up with a social login provider but if someone has ever met the issue and found a user friendly way to implement it, I am obviously interested in the solution ! (One option would be to figure out how to use the IdToken generated by Google to sign the user in my Cognito user pool, the other would be to directly use an iframe to open facebook, google, apple, so at least the message would not appear).
Thank you for you help !
As I am new to mobile development and I am using react native. I am trying to implement external login(Facebook/Google) login, I got libraries using which I am able to get the details of user profile such as firstName, lastName, email from both Facebook and Google. Here my question is, is it right and safe to get details of the user profile, and calling register api to register/login and get the JWT token to land the application to home screen? Or is there any way that we can just click on Facebook/Google button by passing just provider name we can get all details from web api itself.
I feel, fetching the user profile details from web api is safer than getting user profile using react native library/sdk and then calling register api to register/login the same.
If there any link or Github reference please share the same for better and in details understanding.
Thanks In Advance.
You seems to have it figured out yourself. Call Google or other third party to retrieve user details such as email and name. Then call your own backend to register that user to your platform.
The next time user login using social login do a similar call to your backend to check if user with the details exist in your database and send a corresponding response back.
Check this link Google Login React Native. This reference is a little old one but might give you a heads up.
Note: You will need to have corresponding permissions enabled in providers developer console. Some cases you will get an access token after login/signup using social media. You will then need to fetch user data from corresponding provider using their api or SDK.
I'm using okta to sign-in to my react based web application. There is an edit action within the app that requires the user to re-enter his password. I've checked the docs and couldn't find anything similar. The closest I got to was the 're-authenticate' user part. However, that's only based on time. I want to achieve similar functionality based on an event(say, button click). Can I do this using refresh tokens? (I'm not clear about the whole idea of refresh token). Is there a workaround or a specific okta API that allows me to do this?
I have contacted Okta support and they advised me to use the Okta MFA factors(OTP to email/phone, Google Auth etc.) and not to prompt the user to enter a password.
MFA Factors API: https://developer.okta.com/docs/reference/api/factors/
I have multiple ember apps, but just one of them has the login page. I want to authenticate all of them with this unique page. How can I redirect other apps to an external login page using ember-simple-auth and redirect to the corresponding app after the authentication?
You need to write custom authenticator. In it's authenticate method I suggest to not redirect, but open a child window with login page. And that login page should be able to communicate with your ember app in some way (window.postMessage for example) in order to give your app auth token. Authenticator must wait until it receive answer (promise and timer will help with waiting). I used such method with google's oauth in node-webkit application (my authenticator opens google's oauth page where user prompted to give my app an access). I don't want to share a code because its too big, complex and have code specific to nw.js but I hope my answer will help. I used code of oauth2 authenticator to develop my own, it helped me a lot.
I followed the Firebase documentation to implement multiple authentication providers (Google and Facebook), and I am with the problem that I do not know how to solve.
Assuming my new User has Google providers and facebook with different emails is possible to perform the following login flow ?.
User enters the first app and resolves login with your Google account
Firebase create an account and link Google her provider.
The user exits the application.
User again performs login to the app, however this time he chooses the Facebook provider (which has different email Google).
firebase links the Facebook provider the account that is already linked to Google provider.
The Firebase documentation has a complete page dedicated to account linking. The samples in the page link to a Github repo where you can see the code in the context of an entire app that demonstrates it.
There's little use in use replicating the documentation here. If you're having trouble making a specific step work, share what you've done and the minimal code that shows where you are stuck.