How to use Auth0 with Uno Platform

I am trying to use Auth0 with an Uno Platform application and Uno's OIDC extension, which is a wrapper around IdentityModel.OidcClient.

The Uno template lists the following configuration settings; I believe this is a subset of the OidcClientOptions:

  "OidcAuthentication": {
    "Authority": "",
    "ClientId": "",
    "ClientSecret": "",
    "Scope": "openid profile email",
    "RedirectUri": "",
    "PostLogoutRedirectUri": ""
  },

My question is: given I create a “native” application in Auth0 (so an Authorization Code Flow with PKCE), which settings do I need and which values should they have?

Thanks for your help!

Hi @VincentH_NET,

Welcome to the Auth0 Community!

I have just reviewed the Uno Platform documentation here, and it states that:

  • Authority: The URL of the identity provider.
  • ClientId and ClientSecret: The client ID and client secret that were provided to you.
  • Scope: The scope of the access token.
  • RedirectUri: The URL that the identity provider will redirect to after the user has authenticated.

Based on that, the OidcAuthentication settings you need from Auth0 will look something like the following:

  "OidcAuthentication": {
    "Authority": "https://{your-domain}.auth0.com/",
    "ClientId": "{your-native-app-clientId}",
    "ClientSecret": "{your-native-app-clientSecret}",
    "Scope": "openid profile email",
    "RedirectUri": "https://{your-callback-url}", // should match a URL in the Allowed Callback URLs list in your native app
    "PostLogoutRedirectUri": "https://{your-logout-url}" // should match a URL in the Allowed Logout URLs list in your native app
  },

Let me know if you have any additional questions.

Cheers,
Rueben

Hi @rueben.tiow, thanks for replying.

I asked about the values for the Authorization Code Flow with Proof Key for Code Exchange (PKCE) (auth0.com); this flow does not use a client secret because there is no safe way to store the secret in a native app (native apps are public clients).

The Uno documentation seems incomplete; they only talk about client secret, which is a different flow (which was why I asked my question here).

Uno targets iOS, Android and WASM (amongst others). However, it is not clear from their documentation what the URL values in the settings should look like in a native iOS / Android client or in a WASM client.

Could you give an example of the IdentityModel.OidcClient settings to use for an Authorization Code Flow with Proof Key for Code Exchange (PKCE) (auth0.com) for an Android / iOS / WASM app?

Thanks in advance!

Hi @VincentH_NET,
You are right: a native app must not use a secret; it must use the Authorization Code Flow with PKCE.

I would like to suggest that you use our OIDC Client for .NET Desktop SDK, but I don’t know how compatible it is with Uno Platform (sorry, I’m not familiar with Uno). Anyway, you can take a look at its source code to understand how to use IdentityModel.OidcClient (yes, our SDK is a wrapper around this library too).

Basically, you should provide all the OidcClientOptions you reported above but the ClientSecret. Take a look at this code of our SDK.

I hope this helps.

1 Like
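What the flow sends in place of a client secret, as an added example (not code from this thread, Auth0's SDK or Uno): the app generates a one-time `code_verifier`, sends only its SHA-256 `code_challenge` in the authorization request, and presents the verifier in the token request. IdentityModel.OidcClient performs these steps itself; the sketch assumes .NET 6 or later, Auth0's `/authorize` and `/oauth/token` endpoints, the thread's placeholder values, and a hypothetical `{code-from-callback}` placeholder.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class PkceDemo
{
    // base64url without padding, as RFC 7636 requires
    static string B64Url(byte[] b) =>
        Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    // 32 random bytes give a 43-character code_verifier (allowed: 43 to 128)
    public static string NewVerifier() => B64Url(RandomNumberGenerator.GetBytes(32));

    // S256: code_challenge = BASE64URL(SHA256(ASCII(code_verifier)))
    public static string Challenge(string verifier) =>
        B64Url(SHA256.HashData(Encoding.ASCII.GetBytes(verifier)));

    // URL-encode name/value pairs into a query string or form body
    static string Form(params (string Key, string Value)[] p) =>
        string.Join("&", p.Select(kv => $"{kv.Key}={Uri.EscapeDataString(kv.Value)}"));

    static void Main()
    {
        // Placeholders in the thread's style, not real values
        const string authority = "https://{your-domain}.auth0.com";
        const string clientId = "{your-native-app-clientId}";
        const string redirectUri = "https://{your-callback-url}";
        string verifier = NewVerifier(); // kept in the app until step 2

        // Step 1: the browser request carries only the hashed challenge
        Console.WriteLine($"{authority}/authorize?" + Form(
            ("response_type", "code"), ("client_id", clientId),
            ("redirect_uri", redirectUri), ("scope", "openid profile email"),
            ("state", B64Url(RandomNumberGenerator.GetBytes(16))),
            ("code_challenge", Challenge(verifier)),
            ("code_challenge_method", "S256")));

        // Step 2: the token request proves possession with the verifier;
        // there is no client_secret parameter
        Console.WriteLine($"POST {authority}/oauth/token\n" + Form(
            ("grant_type", "authorization_code"), ("client_id", clientId),
            ("code", "{code-from-callback}"), ("redirect_uri", redirectUri),
            ("code_verifier", verifier)));
    }
}
```

An authorization code intercepted on the redirect is useless without the verifier, which is why a public client can omit `ClientSecret` from its settings.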

Thanks for helping on this one @andrea.chiarelli! :clap:

1 Like