Angular + Nodejs New User flow

SpencerWF · October 10, 2022, 9:01pm

Please include the following information in your post:

Which SDK this is regarding:
SDK Version:
Platform Version:
Code Snippets/Error Messages/Supporting Details/Screenshots:

Hello,

I have an Angular front end (using Auth0’s single page application) and a nodejs API backend (trying to implement Auth0’s API functionality). My backend communicates with a MYSQL database for the project functionality.

I’m hoping to understand a few things:

How is it expected that an Angular Frontend and a Nodejs Backend API share a user when you sign in?
How does one access the app_metadata in the angular project? (This quickstart guide throws up a bunch of Typescript errors - Auth0 Angular SDK Quickstarts: Call an API)
When a project has a database and a new user signs in, is it best to use the Auth0 “Rules” to access the database on user creation and create an empty new user in my database that way?
Alternatively is it better when creating a new user to create them in my database and then from the (Nodejs) backend access the Auth0 database and leave user information there to connect the two?

Any help you can provide is greatly appreciated.
Cheers,
Spen

tyf · October 10, 2022, 11:12pm

Hey there @SpencerWF welcome to the community!

These are all great questions! I usually point to our architectural scenarios documentation first and foremost to serve as high level overview.

In an Auth0/OAuth/OIDC context this is all done via tokens (ID/Access).
Typically, this is added as a custom claim to a user’s ID and/or Access token, something like:

exports.onExecutePostLogin = async (event, api) => {
  const namespace = 'https://example.com';
    api.accessToken.setCustomClaim(`${namespace}/app_metadata`, event.user.app_metadata);
    api.idToken.setCustomClaim(`${namespace}/app_metadata`, event.user.app_metadata);
//additionally, user metadata
    api.accessToken.setCustomClaim(`${namespace}/user_metadata`, event.user.user_metadata);
    api.idToken.setCustomClaim(`${namespace}/user_metadata`, event.user.user_metadata);
};

Some more on custom claims and metadata.

You can certainly go the rule/action route - That is, inspect the user profile on login for some some of reference to your external DB, and if it does not exist then make the necessary calls to your backend.

Alternatively, you could use the ID token returned in the initial authentication exchange to create the user in your DB. Here’s a similar topic which should help:

You should be able to avoid a call the Management API altogether if you use the ID Token as mentioned previously.

Hopefully this helps clear things up a bit!

system · November 22, 2022, 10:43pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.