Skip to content
Migrating from NextAuth.js v4? Read our migration guide.

providers/auth0

Built-in sign in with Auth0 integration.

Auth0Profile

The returned user profile from Auth0 when using the profile callback. Reference.

Extends

Properties

app_metadata

app_metadata: object;

Custom fields that store info about a user that influences the user’s access, such as support plan, security roles (if not using the Authorization Core feature set), or access control groups. To learn more, read Metadata Overview.

blocked

blocked: boolean;

Indicates whether the user has been blocked. Importing enables subscribers to ensure that users remain blocked when migrating to Auth0.

created_at

created_at: Date;

Timestamp indicating when the user profile was first created.

email

email: string;

(unique) The user’s email address.

email_verified

email_verified: boolean;

Indicates whether the user has verified their email address.

family_name

family_name: string;

The user’s family name.

given_name

given_name: string;

The user’s given name.

identities

identities: {
[key: string]: any;   connection: string;
  isSocial: boolean;
  profileData: object;
  provider: string;
  user_id: string;
  }[];

Contains info retrieved from the identity provider with which the user originally authenticates. Users may also link their profile to multiple identity providers; those identities will then also appear in this array. The contents of an individual identity provider object varies by provider. In some cases, it will also include an API Access Token to be used with the provider.

last_ip

last_ip: string;

IP address associated with the user’s last login.

last_login

last_login: Date;

Timestamp indicating when the user last logged in. If a user is blocked and logs in, the blocked session updates last_login. If you are using this property from inside a Rule using the user< object, its value will be associated with the login that triggered the rule; this is because rules execute after login.

last_password_reset

last_password_reset: Date;

Timestamp indicating the last time the user’s password was reset/changed. At user creation, this field does not exist. This property is only available for Database connections.

logins_count

logins_count: number;

Number of times the user has logged in. If a user is blocked and logs in, the blocked session is counted in logins_count.

multifactor

multifactor: string;

List of multi-factor providers with which the user is enrolled.

name

name: string;

The user’s full name.

nickname

nickname: string;

The user’s nickname.

phone_number

phone_number: string;

The user’s phone number. Only valid for users with SMS connections.

phone_verified

phone_verified: boolean;

Indicates whether the user has been verified their phone number. Only valid for users with SMS connections.

picture

picture: string;

URL pointing to the user’s profile picture.

sub

sub: string;

The user’s unique identifier.

updated_at

updated_at: Date;

Timestamp indicating when the user’s profile was last updated/modified. Changes to last_login are considered updates, so most of the time, updated_at will match last_login.

user_id

user_id: string;

(unique) The user’s identifier. Importing allows user records to be synchronized across multiple systems without using mapping tables.

user_metadata

user_metadata: object;

Custom fields that store info about a user that does not impact what they can or cannot access, such as work address, home address, or user preferences. To learn more, read Metadata Overview.

username

username: string;

(unique) The user’s username.


default()

default(config): OIDCConfig<Auth0Profile>

Setup

Callback URL

https://example.com/api/auth/callback/auth0

Configuration

import { Auth } from "@auth/core"
import Auth0 from "@auth/core/providers/auth0"
 
const request = new Request(origin)
const response = await Auth(request, {
  providers: [
    Auth0({
      clientId: AUTH0_ID,
      clientSecret: AUTH0_SECRET,
    }),
  ],
})

Resources

Notes

The Auth0 provider comes with a default configuration. To override the defaults for your use case, check out customizing a built-in OAuth provider.

Help

If you think you found a bug in the default configuration, you can open an issue.

Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec, we might not pursue a resolution. You can ask for more help in Discussions.

Parameters

ParameterType
configOIDCUserConfig<Auth0Profile>

Returns

OIDCConfig<Auth0Profile>

Auth.js © Balázs Orbán and Team - 2025