Authenticate Users in a Single Page Application with Auth0

Share this video with your friends

Send Tweet

In this lesson, we take the previous API and front-end and we convert them to use Auth0 to replace our custom authentication server built in the previous lessons.

Max Zhukov
Max Zhukov
~ 6 years ago

Awesome course!

Jack
Jack
~ 6 years ago

What a surprise, more errors!!!!!!

UnauthorizedError: jwt issuer invalid. expected: https://jak-test.eu.auth0.com

Everything matches up across the Application and API in Auth0. The only thing I can see is that in the API jwtCheck, the audience url has the https prefix, whereas it doesn't in the frontend index.js file.

SOLUTION:

Make sure the jwtCheck in your API.js file uses double quotes ("") rather than single quotes (''), otherwise it is invalid JSON.

Jack
Jack
~ 6 years ago

Overall review of this course.

I did learn quite a bit in the first few lessons and it was really helpful.

You got really lazy near the end of the course. See my comments on the previous video about how you failed to help your students hook up the front end.

I think its also quite bad that you failed to make a distinction between the first half of the course, which is using JWT's for authorization purposes... using usernames and passwords; and the end of the course using Auth0 which is NOT for authorization purposes. Auth0 only grants permission to the app, it is on the provider to do build an authorization system that sits in front of that.

I feel that point should have been emphasised, otherwise the course just descends into people copy and pasting stuff without really learning.

A little bit more effort and you have a great course here.

Francis  Emefile
Francis Emefile
~ 6 years ago

Even though I have specified the callback url in the Application Setting on Auth0 platform, I am still gettting this error:

Callback URL mismatch. The URL "http://localhost:8081/index.html" is not in the list of allowed callback URLs.

Please, how can I resolve this?

Joel Lord
Joel Lord(instructor)
~ 6 years ago

Have you tried without the index.html?

Francis  Emefile
Francis Emefile
~ 6 years ago

Yes, I just tried it. The same error.

Harrison Ifeanyichukwu
Harrison Ifeanyichukwu
~ 6 years ago

Awesome course.

Brendan Whiting
Brendan Whiting
~ 6 years ago

Are there good resources for digging farther into some of these security topics (HS256, OpenIDConnect, OIDC Conformant, all the varies types and components of auth)? I’ve been watching some of the cryptography videos on Khan Academy but it’s mostly about theory not nuts and bolts. I know there is google and wikipedia but explainer videos help.

Fernando Barraza
Fernando Barraza
~ 5 years ago

Up and running with JWT , cheers!

Andrew
Andrew
~ 2 years ago

Very good introduction to Auth0 and other concepts. Big thanks!!!