Auth0 Home Blog Docs

How to login with API (PHP)

auth0
api
login

#1

I’m a Japanese. So my English is maybe bad. Sorry.


I would like to use the login form I made.
Previously, I enabled user registration from the login form I made.

-> What dose it mean "connection is required"? I wanna use custom login form

Likewise, I would like to log in from a form I made with mail address and password.


But I do not know which API to use.
For example, the Sign UP API returns 400 if the user is already registered.
If there is more login API, there is no parameter to send mail address and password.

How do I create this?
If you know how to do this, please tell me.
Thank you.


#2

@ntkt

I would highly recommend using a simple redirect to /authorize and putting your custom UI in your Auth0 configuration. This is conforms to OIDC standards, and in the long run ends up a much better experience for customers and developers as your application ecosystem grows and you add more and more applications. You get a better SSO experience, and still have all of the control over the look and feel of the UI.

If you cannot use the above method then there are two ways that you can do an embedded form.

The first is to use cross-origin authentication.
Auth0.js can help with this. NOTE: that this flow only works in all environments if you are using custom domains.

The second would be to have your backend service call Auth0 using the Resource Owner Password Grant flow. This second method is not generally recommended except in cases where you really cannot use either a redirect flow to authorize, or the cross-origin-authentication. Since you must use a client secret, you will want to make this call from your backend only, not from the client side of your application. NOTE: this method requires a great deal of trust between your frontend, backend and the authorization service. It is rarely recommended to use this path and should only be used as a last resort.


#3

@Carlos_Mostek
Thank you for your reply!
Setting Auth0, I can do it!!

But you don’t recommend using this…
And Universal Login dose not same our service’s URL…
This is a tough one…


#4

@ntkt Your other request was for signup. That would be fine to do the signup using the method you described. For doing login, you will either need to use /co/authenticate or /authorize, or Resource Owner Password Grant as I mentioned in my last post.