Having trouble setting up Auth0 for local development.
I have a react app running on localhost:3000, that uses @auth0/auth0-spa-js
I have a Hasura (http://hasura.io/) backend running on localhost:8080.
I’ve turned off “OIDC Conformant” under Advanced Settings of SPA app in Auth0.
I have some Rules that contact the backend over http. So for the Rules to reach my server running locally, I am using ngrok to expose localhost:8080 and pass that url through createAuth0Client as a custom param and use that in the Rule, via context.request.query.backendUrl as an example.
Is correct in that if I need to talk to my backend in one of the rules, I must expose my localhost:8080 over the public internet so it can be connected to? Or is there another way?
Rules are run on the Auth0 servers, so if you want the rules to output something to your backend they will need to be accessible over the internet, if the backend is only running on your local machine then ngrok would be needed for development purposes. I am not familiar with Hasura personally, but their example seems to rely on a heroku based app’s endpoint being available over the internet.
Please read our best practices for rules, for example amongst other things, we recommend to always use HTTPS when making any calls to external services/redirections.
I’m afraid there is no way to run Auth0 locally, the Auth0 service needs to be hosted in the cloud (or a private cloud depending on your subscription) - Deploy and Monitor
This means that any backend or service you have that needs to be called from the Auth0 service itself (from rules or custom DB scripts, for example) needs to be reachable over the public network.