PATCH Auth0-domain/api/v2/clients/[client-id]
{
"custom_login_page": "<!DOCTYPE\nhtml> <html> <head> \n<meta\ncharset=\"utf-8\"> \n<meta\nhttp-equiv=\"X-UA-Compatible\"\ncontent=\"IE=edge,chrome=1\"> \n<title>Sign\nIn\nwith\nAuth0</title> \n<meta\nname=\"viewport\"\ncontent=\"width=device-width,\ninitial-scale=1.0\"\n/> \n<link\nrel=\"stylesheet\"\nhref=\"https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css\"> </head> \n<style> \nbody,\nhtml\n{ \nheight:\n100%; \nbackground-color:\n#f9f9f9; \n} \n.login-container\n{ \nposition:\nrelative; \nheight:\n100%; \n} \n.login-box\n{ \nposition:\nabsolute; \ntop:\n50%; \ntransform:\ntranslateY(-50%); \npadding:\n15px; \nbackground-color:\n#fff; \nbox-shadow:\n0px\n5px\n5px\n#ccc; \nborder-radius:\n5px; \nborder-top:\n1px\nsolid\n#e9e9e9; \n} \n.login-header\n{ \ntext-align:\ncenter; \n} \n.login-header\nimg\n{ \nwidth:\n75px; \n} \n#error-message\n{ \ndisplay:\nnone; \nwhite-space:\nbreak-spaces; \n} \n</style> <body> \n<div\nclass=\"login-co
saltukalakus
/ RefreshTokenStepUpRule.js
Last active
June 2, 2025 20:46
Step up authentication with refresh tokens.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function (user, context, callback) { | |
| // Only applied for the refresh token flow along with the special scope (e.g.: transfer:funds) that | |
| // will trigger the MFA step up. | |
| if (context.protocol === "oauth2-refresh-token" && | |
| context.request.body && | |
| context.request.body.scope && | |
| context.request.body.scope.indexOf('transfer:funds') > -1) { | |
| // Insert a custom claim in id token which would be checked along with amr claim |
saltukalakus
/ update_client.md
Created
April 19, 2022 15:42
Custom classic login page per application
saltukalakus
/ index.html
Last active
June 2, 2025 20:46
Custom Classic Universal Login Page with Email validation.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <meta charset="utf-8"> | |
| <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> | |
| <title>Sign In with Auth0</title> | |
| <meta name="viewport" content="width=device-width, initial-scale=1.0" /> | |
| <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css"> | |
| <script src="https://unpkg.com/validator@latest/validator.min.js"></script> | |
| </head> |
saltukalakus
/ ClassicMFA.html
Last active
June 2, 2025 20:46
Auth0 classic MFA page with disabled country selection
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <title>2nd Factor Authentication</title> | |
| <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /> | |
| <meta http-equiv="X-UA-Compatible" content="IE=edge"> | |
| <style type="text/css"> | |
| html, body { padding: 0; margin: 0; } |
saltukalakus
/ classic-mfa-page.html
Last active
June 2, 2025 20:46
Get the active client ID on the classic MFA page
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <title>2nd Factor Authentication</title> | |
| <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /> | |
| <meta http-equiv="X-UA-Compatible" content="IE=edge"> | |
| <style type="text/css"> | |
| html, body { padding: 0; margin: 0; } |
saltukalakus
/ curl.sh
Created
September 1, 2022 21:17
Auth0 New Universal Login Page template with parameters .
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl --request PUT \ | |
| --url https://saltukalakus.auth0.com/api/v2/branding/templates/universal-login \ | |
| --header 'Authorization: Bearer eyJ..redacted' \ | |
| --header 'Content-Type: text/html' \ | |
| --data '<!DOCTYPE html><html lang="{{locale}}"> | |
| <head> | |
| {%- auth0:head -%} | |
| <script> | |
| {% if prompt.name == "email-verification" %} | |
| console.log("Email-verification: ", "{{ transaction.params.ext-param }}" ); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <meta charset="utf-8"> | |
| <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> | |
| <title>Sign In with Auth0</title> | |
| <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0" /> | |
| <style> | |
| .auth0-lock-name { | |
| font-size: 14px !important; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| async function VerifyJWT (JwtToken) { | |
| const util = require('util') | |
| const jwksClientFactory = require('[email protected]') | |
| const jwt = require('[email protected]') | |
| const verify = util.promisify(jwt.verify) | |
| const jwksUri = `https://${configuration.tenant}/.well-known/jwks.json` | |
| const jwksClient = jwksClientFactory({ jwksUri }) | |
| const getSigningKeys = util.promisify(jwksClient.getSigningKeys).bind(jwksClient) | |
| const signingKeys = await getSigningKeys() |
saltukalakus
/ caution-account-auto-link-rule.js
Created
February 13, 2023 20:18
— forked from jatinvaidya/caution-account-auto-link-rule.js
CAUTION: Automatically Link Accounts with Verified Email
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // auto linking of accounts is NOT OK in most circumstances. | |
| // "user-initiated" or "prompted" account linking must be preferred. | |
| // https://auth0.com/docs/users/user-account-linking#scenarios | |
| function (user, context, callback) { | |
| console.log(`account-link rule called ${user.user_id}`); | |
| const request = require('request'); | |
| // Check if email is verified, we shouldn't automatically merge accounts if this is not the case. | |
| // Also, the requirement is to link a currently authenticating Enterprise (federated) Account with | |
| // an existing Auth0 Database Account, so thats the only combination we are allowing. | |
| if (!user.email || !user.email_verified || user.identities[0].provider === 'auth0') { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function migrateUsers(user, context, cb) { | |
| if (needMigration(user)) { | |
| // Ignoring how the values are retrieved from the legacy database | |
| var legacyProfile = { | |
| family_name: 'alakus', | |
| given_name: 'saltuk', | |
| user_metadata: { | |
| 'anotherMetadata' : '123' | |
| }, | |
| app_metadata: { |