Auth0 is blocked in Russia

acyxou · 2018-05-06 17:49:40 UTC

Hi all!

I am using Auth0 with my webapp and with the Wordpress site. My webapp is mostly used by Russians and as you might already know recently russian government has blocked about 19 million IP addresses (AWS, Google Cloud, Digital Ocean, etc) in order to block Telegram messenger in Russia. The fun thing is that Telegram is still working in Russia but many services are blocked due to IP addresses blacklisting. And my Auth0’s subdomain which is myproject.eu.auth0.com is blocked too and as result my users can’t authenticate to my webapp anymore without proxy server or VPN on the client side. To solve the problem, I’ve created a reverse proxy server in Russian data center which forwards all requests to myproject.eu.auth0.com but this does not work and results in some backend errors from Auth0 side, though the requests to myproject.eu.auth0.com are successfully hit the Auth0 server.

So I am really disappointed about all this and asking for help. Is there any way I can solve the problem of IP blacklisting without moving away from Auth0 to a selfhosted solution?

jeremy.meiss · 2018-05-07 16:02:45 UTC

Thanks for reaching out - it’s unfortunate that you are effected by the Russian government’s censoring of the Internet. At this time we only offer a workaround for those on our Developer plan and above.

sculpterra · 2018-05-11 09:54:45 UTC

Hi,
I have the same issue with the same goverment.

How exactly you fix this on the Developer plan? Is it uses other IP pools? Is there any guaranties that it would works?

jeremy.meiss · 2018-05-11 12:51:45 UTC

My apologies - it’s only enabled for Enterprise plans at this time.

acyxou · 2018-05-11 17:58:16 UTC

Hey, @sculpterra, thanks for your question. I thought that upgrading to Developer plan would allow me to use my own subdomain for authentication, but I knew that this won’t solve the problem.

I’ve decided to implement auth logic using auth0 for nodejs module on the backend and allow only Username/Password authentication on UI.This way the requests to Auth0 servers are not blocked, at least from my backend’s datacenter. As for authentication with Social network providers, I’ll have to disable it for a better times. I also consider moving to Keycloak eventually.

strannix.vagabondan · 2018-05-13 20:55:16 UTC

I have the same issue.
Does anybody have an idea how to address this problem via proxy-like servers?

tagir.sharipov · 2018-05-14 10:26:41 UTC

The same problem with me. If any workarounds exist? Maybe some alternatives to Auth0?

acyxou · 2018-05-14 11:00:27 UTC

As for me, I’ve decided to migrate from Auth0 to a self-hosted solution - Keycloak. But this will involve some development and configuration effort. And the first step would be to export all users from Auth0. I’ve tried to do this, but was unsuccessful.