Creating a Custom Login Screen without an Embedded Login

roshni1 · July 23, 2020, 2:37pm

Hi, I am looking into the possibility of using Auth0 for authentication/authorisation on a web app before subscribing. I have created a custom html/css UI outside of Auth0, and am now using Auth0.js and the authentication API to configure the login page. We plan on using the same parent domain across pages but I just wanted to clarify if this was an embedded login, and therefore less secure? This post suggests it is but having our login code with the rest of our webapp code is important to us and this method is the only way I have found of achieving this. It is even suggested here which I find surprising if this is indeed less secure?

Are there alternatives? Also, would having the html/css code in the Custom Login Form universal login SDK be an embedded login (this would not enable having all code in our own repo but I’m just curious). Thanks

dan.woda · July 23, 2020, 9:06pm

@roshni1,

Welcome to the Community!

If you customize the UL login page through the dashboard, that would not be an embedded login, but the code would be there, not in your app.

If you are interested in hearing the pros and cons between embedded and universal, take a look at this doc:

Let me know if that helps,
Dan

roshni1 · July 24, 2020, 9:20am

Hi, so just to confirm using the authentication APIs outside the dashboard creates an embedded login and is therefore less secure? Thanks

dan.woda · August 7, 2020, 1:20pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.