Auth0
Auth0 quick start 1: SPA, web app, mobile, APIs
Login: through your app via a page you host (Embedded) or Auth0 hosts (Universal)
Universal Login 2: redirect, MFA, social, dynamic, no app changes
Embedded Login 3: not recommended; users log in directly in your app, which transmits their credentials to the Auth0 server
Single Sign-On 4
Sessions: locally maintained | authorization server with SSO | IdP if social
A central domain performs authentication and then shares the session with other domains
SSO is only possible with native platforms (like iOS or Android) if the application uses Universal Login
| Acronym | Flavor | Provider | Direction |
|---|---|---|---|
| SP 5 | Service-Provider-initiated | Auth0 | inbound |
| IP 6 | Identity-Provider-initiated | a third-party Identity Provider | outbound |
| Native to Web 7 | Native to Web | | |
Glossary
| Term | Description |
|---|---|
| ASN | Authorized Services Network |
| B2B | Business to Business |
| CIBA | Client-Initiated Backchannel Authentication |
| IdP | Identity Provider. Service that stores and manages digital identities. Auth0 supports trusted social, enterprise, and legal identity providers. |
| FGA | Fine-Grained Authorization |
| JWT | JSON Web Token |
| LDAP | Lightweight Directory Access Protocol |
| M2M | Machine-to-Machine |
| MFA | Multi-factor Authentication |
| OAuth 2.0 | Authorization framework that defines authorization protocols and workflows, roles, authorization 8 requests and responses, and token handling |
| OIDC | OpenID Connect authentication; extends OAuth 2.0 with protocols to verify user identity |
| PKCE | Proof Key for Code Exchange |
| RBAC | Role-Based Access Control |