Auth0 setup

Start by creating an Auth0 tenant by signing up and following this process. The following steps require an active Auth0 tenant.

Application registration

Register your application in the menu Application -> Applications. Click on the Create application button to access the form.

Choose a name, and select Single Page Web Applications in the list. You should be redirected to the application landing page. Note the Client ID on top of the page for later.

In the Settings tab of the application:

  • Input the callback & logout URLs (typically the domain name of your instance of Kamea, or http://localhost:4200/ for the Angular debug environment)
  • Enable Refresh Token Rotation if it is not already enabled, and set the Reuse Interval to 0
  • In Advanced Settings -> Grant Types, disable Implicit: this grant has been deprecated for mobile apps and SPAs for security reasons.

API Registration

In the Application -> APIs menu, click on the Create API button. Fill in the form and create the API. The identifier depends on your domain name. You can use http://localhost:3000 for local development mode.

Warning: If no API is created, no audience can be requested in the front-end when authenticating, which will lead Auth0 to return an opaque token that cannot be used for anything except some Auth0 endpoints.
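
One way to check which kind of access token the front-end received, as an added example that is not part of Kamea's code: the Node.js script below decodes a token without verifying its signature (diagnostic use only) and checks that its aud claim contains the API identifier. The function names and the sample tokens are constructed for illustration.

```javascript
// Added diagnostic example (not Kamea code). It only decodes the token for
// inspection; it does NOT verify the signature, so never use it to authorize.

// Decode one base64url segment into a JSON object, or null if it is not JSON.
function decodeSegment(segment) {
  try {
    const value = JSON.parse(Buffer.from(segment, "base64url").toString("utf8"));
    return value !== null && typeof value === "object" ? value : null;
  } catch {
    return null;
  }
}

// Classify an access token and check its audience.
// Returns { kind: "opaque" | "jwt", audienceOk: boolean, reason: string }.
function inspectAccessToken(token, expectedAudience) {
  const parts = typeof token === "string" ? token.split(".") : [];
  const header = parts.length === 3 ? decodeSegment(parts[0]) : null;
  const payload = parts.length === 3 ? decodeSegment(parts[1]) : null;
  if (!header || !payload || typeof header.alg !== "string") {
    return { kind: "opaque", audienceOk: false,
             reason: "not a JWT: check that an API exists and an audience is requested" };
  }
  // "aud" may be a single string or an array of strings.
  const audiences = Array.isArray(payload.aud) ? payload.aud : [payload.aud];
  const audienceOk = audiences.includes(expectedAudience);
  return { kind: "jwt", audienceOk,
           reason: audienceOk ? "audience matches the API identifier"
                              : `unexpected audience: ${JSON.stringify(payload.aud)}` };
}

// Constructed sample tokens (fake signature, not issued by Auth0).
const b64 = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");
function makeSampleJwt(aud) {
  return [b64({ alg: "RS256", typ: "JWT" }), b64({ sub: "auth0|sample", aud }), "c2ln"].join(".");
}
const API_IDENTIFIER = "http://localhost:3000"; // local development identifier from this page
const SAMPLE_OPAQUE = "kZ3sample-opaque-token-value"; // constructed, no dots

console.log(inspectAccessToken(makeSampleJwt([API_IDENTIFIER, "https://tenant.example/userinfo"]), API_IDENTIFIER));
console.log(inspectAccessToken(SAMPLE_OPAQUE, API_IDENTIFIER));
```

A result of kind "opaque" in the debug environment usually means the audience parameter is missing from the authentication request or does not match a registered API identifier.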

Restrict sign-up and sign-in

Users shouldn't be able to create an account without being invited to the platform, but this is possible by default. To disable that feature:

  • Enable the setting Authentication / Database / [your database connection] / Settings / Disable signups
  • In the settings of your application, select the tab Connections and disable the Google authentication.