Auth0 Rules Repository
An App initiates an authentication request to Auth0 (Step 1), Auth0 routes the request to an Identity Provider through a configured connection (Step 2). The user authenticates successfully (Step3), the
user object that represents the logged in user is then passed through the rules pipeline and returned to the app (Step 4).
A rule will run on Step 4 and this is the information each rule will get:
user: the user object as it comes from the identity provider.
context: an object containing contextual information of the current authentication transaction. It has the following properties:
clientID: the client id of the application the user is logging in to.
client_metadata: an optional object containing up to 10 key/value pairs
clientName: the name of the application (as defined on the dashboard).
connection: the name of the connection used to authenticate the user (e.g.:
connectionStrategy: the type of connection. For social connection
connection. For enterprise connections, the strategy will be
waad(Windows Azure AD),
auth0(database connections), etc.
protocol: the authentication protocol. Possible values:
oidc-basic-profile(most used, web-based login),
oidc-implicit-profile(used on mobile devices and single page apps),
oauth2-resource-owner(user/password login typically used on database connections),
samlp(SAML protocol used on SaaS apps),
wsfed(Ws-Federation used on Microsoft products like Office365),
wstrust-usernamemixed(Ws-trust user/password login used on CRM and Office365)),
delegation(during the exchange for a delegation token).
request: an object containing useful information of the request. It has the following properties:
query: querystring of the login transaction sent by the application
body: the body of the POST request on login transactions used on
userAgent: the user-agent of the client that is trying to log in.
ip: the originating IP address of the user trying to log in.
samlConfiguration: an object that controls the behavior of the SAML and WS-Fed endpoints. Useful for advanced claims mapping and token enrichment (only available for
Note that rules will also have access to several modules defined globally, including
auth0, referring to https://github.com/auth0/node-auth0. Other modules available within rules are defined at https://auth0.com/docs/appliance/modules (relevant to both appliance and cloud)
This is the rules editor inside Auth0:
- Update the markdown files to update the rule and commit your changes
- Update the version by executing:
npm version [patch|minor|major]
There is a
preversionscript in the
package.jsonfile that executes the following command:
./build && git add rules.json && git commit -m 'update rules.json
- Push your changes to master including the tags
git push origin master --tags
- Send events to MixPanel Docs | Rule
- Query User Profile in FullContact Docs | Rule
- Add a Lead in Salesforce Docs | Rule
- Get an Appery Session Token Rule
If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
This project is licensed under the MIT license. See the LICENSE file for more info.