This configuration will allow you to use Auth0 as the identity management solution for an demo application that use Box app users to login to Box. This will allow a user to register an email with Auth0 and this will automatically create a Box app user and map it to the Auth0 user. The app itself consists of a Box UI Element loaded as the app user logged in.
See the below diagrams for details
Registration flow
Login flow
You will need both a Auth0 free developer account and a Box account
- Free Auth0 Dev account: https://auth0.com/signup?place=header&type=button&text=sign%20up
- Free Box Developer account: https://account.box.com/signup/developer
-
Create a new application Choose 'Regular Web Applications'
Give a name like 'box-auth0-demo' or similar
After creation, go to 'Settings'
-
Set allowed URLs
Add 'http://localhost:3000/callback' to the 'Allowed Callback URLs'
Add 'http://localhost:3000' to the 'Allowed Logout URLs'
Save changes
- Create a new JWT Application https://developer.box.com/guides/authentication/jwt/jwt-setup/
- App access level: App access only
- Application scopes: Read, Write, Manage users, Manage groups
- Advanced features: Generate user access tokens
- CORS Domains: http://localhost:3000
-
Download the json file with the private key This will be downloaded as json file with 12 lines. Remove all line ending to make it a single line
From
To
- Clone this repository and create an '.env' file in the root and add the following key/value pair
- AUTH0_CLIENT_ID=..from the settings page of your Auth0 app
- AUTH0_DOMAIN=..from the settings page of your Auth0 app
- AUTH0_CLIENT_SECRET=....from the settings page of your Auth0 app
- SESSION_SECRET=..random string
- AUTH0_CALLBACK_URL=http://localhost:3000/callback
- BOX_JWT=..jwt json config in a single line
-
Install dependencies
npm install
-
Run the app
npm start
This should bring up this website on localhost:3000 and you can go through the registration process
Welcome screen
Registration (sign up)
User mapping info
Folder created as the app user
The MIT License (MIT)
Copyright (c) 2021 Peter Christensen
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.