Skip Navigation
Show nav
Heroku Dev Center
  • Get Started
  • Documentation
  • Changelog
  • Search
  • Get Started
    • Node.js
    • Ruby on Rails
    • Ruby
    • Python
    • Java
    • PHP
    • Go
    • Scala
    • Clojure
  • Documentation
  • Changelog
  • More
    Additional Resources
    • Home
    • Elements
    • Products
    • Pricing
    • Careers
    • Help
    • Status
    • Events
    • Podcasts
    • Compliance Center
    Heroku Blog

    Heroku Blog

    Find out what's new with Heroku on our blog.

    Visit Blog
  • Log inorSign up
View categories

Categories

  • Heroku Architecture
    • Dynos (app containers)
    • Stacks (operating system images)
    • Networking & DNS
    • Platform Policies
    • Platform Principles
  • Command Line
  • Deployment
    • Deploying with Git
    • Deploying with Docker
    • Deployment Integrations
  • Continuous Delivery
    • Continuous Integration
  • Language Support
    • Node.js
    • Ruby
      • Working with Bundler
      • Rails Support
    • Python
      • Background Jobs in Python
      • Working with Django
    • Java
      • Working with Maven
      • Java Database Operations
      • Working with Spring Boot
      • Java Advanced Topics
    • PHP
    • Go
      • Go Dependency Management
    • Scala
    • Clojure
  • Databases & Data Management
    • Heroku Postgres
      • Postgres Basics
      • Postgres Getting Started
      • Postgres Performance
      • Postgres Data Transfer & Preservation
      • Postgres Availability
      • Postgres Special Topics
    • Heroku Data For Redis
    • Apache Kafka on Heroku
    • Other Data Stores
  • Monitoring & Metrics
    • Logging
  • App Performance
  • Add-ons
    • All Add-ons
  • Collaboration
  • Security
    • App Security
    • Identities & Authentication
    • Compliance
  • Heroku Enterprise
    • Private Spaces
      • Infrastructure Networking
    • Enterprise Accounts
    • Enterprise Teams
    • Heroku Connect (Salesforce sync)
      • Heroku Connect Administration
      • Heroku Connect Reference
      • Heroku Connect Troubleshooting
    • Single Sign-on (SSO)
  • Patterns & Best Practices
  • Extending Heroku
    • Platform API
    • App Webhooks
    • Heroku Labs
    • Building Add-ons
      • Add-on Development Tasks
      • Add-on APIs
      • Add-on Guidelines & Requirements
    • Building CLI Plugins
    • Developing Buildpacks
    • Dev Center
  • Accounts & Billing
  • Troubleshooting & Support
  • Integrating with Salesforce
  • Add-ons
  • All Add-ons
  • Auth0
Auth0

This add-on is operated by AUTH0 INC

Secure access for everyone. But not just anyone.

Auth0

Last updated July 18, 2022

Table of Contents

  • Provisioning the add-on
  • Local setup
  • Tutorials
  • Removing the add-on
  • Support

Auth0 is an add-on for providing single sign on and user management with social and enterprise identities.

  • Enable Email/Password authentication and Single Sign On with brute force protection for all your apps (web, single page, native or hybrid).
  • Consolidate/migrate your own user repositories (PG, mySql, SQL Server, Mongo, etc.) under a single identity store as they login (no bulk import needed)
  • Add SAML authentication without worrying about the integration with multiple providers (ADFS, SiteMinder, PingFederate, Okta, OneLogin, etc.), we take care of that.
  • Add social authentication with Google, Facebook, Microsoft Account, 30+ others or any other OAuth2 provider.
  • Get a normalized user profile regardless of the provider used.
  • Add support for linking user accounts manually or automatically by email.
  • Pull data from other sources and add it to the user profile, through JavaScript rules.
  • Single Sign On with Third Party Apps/Platforms like WordPress, Zendesk, Drupal, and more.

Auth0 is accessible via an API and has supported client libraries for Ruby, Node.js and many others.

Provisioning the add-on

Auth0 can be attached to a Heroku application via the CLI:

A list of all plans available can be found here.

$ heroku addons:create auth0 --type=[nodejs|rails] --subdomain=myapp
-----> Adding Auth0 to sharp-mountain-4005... done, v18 (free)

Once Auth0 has been added you will have three settings on your app:

  • AUTH0_CLIENT_ID: the id that identifies your application.
  • AUTH0_CLIENT_SECRET: the secret for your application
  • AUTH0_DOMAIN: you will get your own subdomain on auth0
  • AUTH0_CALLBACK_URL: the url where auth0 will redirect the user after authentication
$ heroku config:get AUTH0_CLIENT_ID
9jf020kksfiuhifruiudtgudjsoeiuk

After installing Auth0 the application should be configured to fully integrate with the add-on.

Local setup

Environment setup

After provisioning the add-on it’s necessary to locally replicate the config vars so your development environment can operate against the service.

Though less portable it’s also possible to set local environment variables using export AUTH0_CLIENT_ID=value.

Use the Heroku Local command-line tool to configure, run and manage process types specified in your app’s Procfile. Heroku Local reads configuration variables from a .env file. To view all of your app’s config vars, type heroku config. Use the following command to add the values retrieved from heroku config to your .env file.

$ heroku config -s | grep 'AUTH0_CLIENT_ID\|AUTH0_CLIENT_SECRET\|AUTH0_DOMAIN' | tee -a .env

Credentials and other sensitive configuration values should not be committed to source-control. In Git exclude the .env file with: echo .env >> .gitignore.

For more information, see the Heroku Local article.

If you are trying from localhost you might want to change or add localhost as the callback url

Tutorials

The tutorials will be customized with your own API keys if you are logged in to the dashboard.

Login to Auth0 Dashboard

$ heroku addons:open auth0
Opening Auth0 for sharp-mountain-4005…

Or by visiting the Heroku Dashboard and selecting the application in question. Select Auth0 from the Add-ons menu.

Choose the right tutorial

  • Ruby on Rails Tutorial
  • Play 2 Scala
  • Node.js
  • PHP
  • PHP + Laravel
  • PHP + Symfony

Auth0 also helps with Single Page Apps with APIs. Here are some of the most popular ones:

  • Angular.js + Ruby on Rails API (uses JSON Web Tokens)
  • Ember + Node.js API (uses JSON Web Tokens)
  • React + Python API (uses JSON Web Tokens)
  • React + Java Spring API (uses JSON Web Tokens)

… and native and hybrid mobile apps with APIs.

  • iOS Swift + Go API (uses JSON Web Tokens)
  • Ionic + Node API (uses JSON Web Tokens)

There are a lot more tutorials/combinations on https://auth0.com/docs

Removing the add-on

Auth0 can be removed via the CLI.

This will destroy all associated data and cannot be undone!

$ heroku addons:destroy auth0
-----> Removing auth0 from sharp-mountain-4005... done, v20 (free)

Support

All Auth0 support and runtime issues should be submitted via on of the Heroku Support channels. Any non-support related issues or product feedback is welcome via the small question icon on the dashboard.

Keep reading

  • All Add-ons

Feedback

Log in to submit feedback.

Ziggeo Autodyne

Information & Support

  • Getting Started
  • Documentation
  • Changelog
  • Compliance Center
  • Training & Education
  • Blog
  • Podcasts
  • Support Channels
  • Status

Language Reference

  • Node.js
  • Ruby
  • Java
  • PHP
  • Python
  • Go
  • Scala
  • Clojure

Other Resources

  • Careers
  • Elements
  • Products
  • Pricing

Subscribe to our monthly newsletter

Your email address:

  • RSS
    • Dev Center Articles
    • Dev Center Changelog
    • Heroku Blog
    • Heroku News Blog
    • Heroku Engineering Blog
  • Heroku Podcasts
  • Twitter
    • Dev Center Articles
    • Dev Center Changelog
    • Heroku
    • Heroku Status
  • Facebook
  • Instagram
  • Github
  • LinkedIn
  • YouTube
Heroku is acompany

 © Salesforce.com

  • heroku.com
  • Terms of Service
  • Privacy
  • Cookies
  • Cookie Preferences