Auth0 (Authentication System)

Auth0 is an identity platform that can handle sign in for your app (including Universal Login, social login, and enterprise sign in options).

What this system supports

• Auth0 Universal Login
• Sessions managed by Auth0
• Use Auth0 users in WeWeb authentication flows

Set up Auth0

1) Create an Auth0 Machine-to-Machine application

WeWeb uses a Machine-to-Machine (M2M) application to read your Auth0 configuration (for example, listing available apps).

In Auth0:

1. Go to Applications.
2. Create an application of type Machine to Machine.
3. Authorize it to access the Auth0 Management API with these scopes:
   • read:clients
   • read:connections
   • read:organizations
   • read:resource_servers
4. Copy the Client ID and Client Secret.

2) Connect Auth0 in WeWeb

1. Go to Data & API → Authentication.
2. • A) If this is your first time opening the Authentication area, choose Auth0 when prompted.
   • B) If this is not your first time, open Configuration, click Switch authentication system, then select Auth0.
3. Create/select a Connection (per environment).
4. Fill the connection fields:
   • Domain (For example your-tenant.auth0.com)
   • M2M Client ID
   • M2M Client Secret
5. Select your SPA Application (WeWeb loads the list once M2M credentials are valid).
6. (Optional) Set:
   • API Audience
   • Custom Domain

Test sign in

1. Add a login flow in the Interface tab (for example a “Continue with Auth0” button).
2. Preview and sign in with a test user.
3. Confirm authentication works and protected content behaves as expected.

For page and API protection, see Users and roles →.

Auth0 workflow actions

Once Auth0 is connected, WeWeb gives you Auth0 actions in workflows such as:

• Login with Redirect
• Login with Popup
• Logout

Login with Redirect

The Login with Redirect action can also help you control the login experience with fields such as:

• Screen To open the login or sign up screen
• Connection To force a specific identity provider
• Organization For multi-tenant Auth0 setups
• Login Hint To prefill the user's email
• Additional Scopes When your Auth0 setup needs more than the default scopes
• Redirect Page To choose the page Auth0 should send the user back to after login

If you use Redirect Page, make sure that page URL is included in your Auth0 Allowed Callback URLs.

Logout

The Logout action supports two modes:

• Redirect To fully sign the user out through Auth0
• Local only To clear the session in the app without redirecting to Auth0

When using Redirect, you can also set:

• Post-Logout Redirect
• Federated Logout

If you use Post-Logout Redirect, make sure that page URL is included in your Auth0 Allowed Logout URLs.

Common pitfalls

“Failed to fetch Auth0 applications”

This usually means the M2M app is missing one of the required Auth0 Management API scopes, or the M2M credentials are incorrect.

Redirect URL errors in Auth0

Make sure your Auth0 application settings include the correct callback and logout URLs for each environment (preview and production).

Logout works locally but the Auth0 session is still active

This usually happens when the Logout action is set to Local only.

Use Redirect if you want Auth0 to fully clear the hosted session as well.

Reference

Connection fields

Field	Description
Domain	Your Auth0 tenant domain (your-tenant.auth0.com)
M2M Client ID	Client ID of the M2M application
M2M Client Secret	Client secret of the M2M application
SPA Application	Your Auth0 Single Page Application to use
API Audience	Optional identifier used for API access tokens
Custom Domain	Optional custom Auth0 domain