Anonymous User Flow

TylerStillwater · November 26, 2021, 2:53am

Greetings!

I am currently evaluating Auth0 for our company, and I have hit a wall that may cause us to be unable to move forward with Auth0. I am hoping that is not the case, hence the post.

Essentially, we have need of some form of anonymous user. We are reducing friction and creating investment by allowing a user to go through a good portion of our flow before asking them to authenticate in any form.

As such, we need a way to identify that user/session and link it to the Auth0 user once they authenticate. Due to the way our auth layer works, we must have a JWT to handle authentication and authorization, even for an anonymous user.

Effectively, what this means is that I need to be able to manually generate a custom JWT with specific claims/roles/userID/etc that the client can use to authenticate until they log in through Auth0 and receive a “real” JWT.

Alternatively, if I could generate some kind of JWT with a unique ID inside it, then provide that to the client, that would also work, I believe. Custom claims aren’t strictly necessary.

Thus far I’ve not been able to find any way to do this with Auth0. Is this possible?

Thanks!

dan.woda · November 26, 2021, 7:29pm

Hi @TylerStillwater,

Welcome to the Auth0 Community!

This may be possible, but there isn’t a turn-key feature we offer to facilitate creating anonymous JWTs.

Using an Auth0 DB connection, you would need to provide some placeholder email, which you would later change to the user’s actual email. That’s the best way I can think of with the rigid constraints you’ve outlined here.

TylerStillwater · November 26, 2021, 7:42pm

Hey @dan.woda!

Thanks very much for the response!

I am very new (literally 1 day) to Auth0. Can you please point me to the appropriate docs to accomplish what you suggest?

A placeholder email should work great, assuming I can create a JWT with that email directly. Each incoming anonymous user would need their own.

Thanks again!

dan.woda · November 26, 2021, 9:25pm

You can create users using the Auth0 Management API v2 create users endpoint. You would need to figure out a strategy for updating the user’s email when they finally sign up. It is also important to consider the possible security implications of this type of flow.

This isn’t a a flow that Auth0 supports natively, and is going to require quite of bit of development/workaround on your end.

Topic		Replies	Views
How to generate a token for user (without having user login) Get Help jwt , auth0 , management-api	4	13918	August 27, 2019
JWT token for guest/anonymous/unauthenticated users JWT.io jwt , api	9	19199	June 4, 2019
Manage anonymous user flow Get Help custom-database , manage-users	4	8954	March 2, 2018
Use Client Id and Client Secret to Create a JWT for a User Get Help	2	6528	August 29, 2023
Authenticate with only unique device id Get Help jwt , auth0	2	3082	November 4, 2021

Anonymous User Flow

Related topics