Skip to content
Auth0 integration for Cordova apps
Branch: master
Clone or download
luisrudge Merge pull request #99 from auth0/snyk-fix-qjnzqe
[Snyk] Fix for 1 vulnerable dependencies
Latest commit 438f68e Feb 22, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
dist Update to handle Auth0.js 9 and Update Example to Cordova 8.0 Dec 26, 2017
src Update to handle Auth0.js 9 and Update Example to Cordova 8.0 Dec 26, 2017
.eslintrc Add linter May 7, 2017
.gitignore Added Test run in CI Aug 20, 2018
.npmignore Refactor some parts of lib. May 7, 2017 Release v0.2.0 Jul 8, 2017
codecov.yml Add Codecov config Aug 20, 2018
package.json fix: package.json & package-lock.json to reduce vulnerabilities Feb 22, 2019

Auth0 Cordova

Library to make it easy to integrate Auth0 login in your Cordova applications.


The library requires these two cordova plugins to work:

  • cordova-plugin-safariviewcontroller: Shows Safari/Chrome browser ViewController/CustomTab
  • cordova-plugin-customurlscheme: Handles the custom scheme url intents for callback

you'll need to run

cordova plugin add cordova-plugin-safariviewcontroller
cordova plugin add cordova-plugin-customurlscheme --variable URL_SCHEME={application package name} --variable ANDROID_SCHEME={application package name} --variable ANDROID_HOST={auth0 domain} --variable ANDROID_PATHPREFIX=/cordova/{application package name}/callback

In cordova applications, the application package name is the widget's identifier in config.xml

So if you have the following values

  • application package name or widget identifier: com.auth0.cordova.example
  • auth0 domain:

in your config you should have some entries like

<preference name="AndroidLaunchMode" value="singleTask" />
<plugin name="cordova-plugin-customurlscheme" spec="~4.2.0">
    <variable name="URL_SCHEME" value="com.auth0.cordova.example" />
    <variable name="ANDROID_SCHEME" value="com.auth0.cordova.example" />
    <variable name="ANDROID_HOST" value="" />
    <variable name="ANDROID_PATHPREFIX" value="/cordova/com.auth0.cordova.example/callback" />
<plugin name="cordova-plugin-safariviewcontroller" spec="~1.4.6" />


From npm

npm install @auth0/cordova

then in your index.js you need to register the url handler ondeviceready

var Auth0Cordova = require('@auth0/cordova');

function main() {
    function handlerUrl(url) {
    window.handleOpenURL = handlerUrl;
    // init your application

document.addEventListener('deviceready', main);


const auth0 = new Auth0Cordova({
  domain: "{YOUR_AUTH0_DOMAIN}",
  clientId: "{YOUR_AUTH0_CLIENT_ID}",
  packageIdentifier: "{WIDGET_ID_IN_CONFIG_XML}"

const options = {
  scope: 'openid profile',

auth0.authorize(options, function (err, result) {
  if (err) {
    // failure
  // success!

This will open your tenant's hosted login page in the OS browser and will use OAuth 2.0 code grant flow with Proof Key for Code Exchange.


For more information about our API please check our online documentation

Issue Reporting

If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

For auth0 related questions/support please use the Support Center.

Common Issues

  1. The plugin is not working in Ionic / Cordova dev app.

    The plugin needs to be deployed on a real device to function, this is so because the dev apps do not add the necessary plugins needed for this library to function correctly. You'll need to either create a clone / fork of the Dev App or need to deploy it to a real device to test.

  2. The app hangs after authentication

    If 1 does not solve your problem, please make sure you have cordova-plugin-customurlscheme installed or an appropirate plugin to handle the callback (like deeplinks / universal links) and you are handling the callback appropriately




This project is licensed under the MIT license. See the LICENSE file for more info.

You can’t perform that action at this time.