JWT token for guest/anonymous/unauthenticated users

,

Does Auth0 provides any way to provide JWT tokens for guest/anonymous/unauthenticated users?

I am asking for something similar to Firebase anonymous auth or AWS Cognito unauthenticated users.

Thanks.

1 Like

Hello there @eloypnd.lemonone! I checked with our TSE team and confirmed that there must be a user in Auth0 to create the Token. Please let me know if this helped answer your question. Thanks!

Thanks for your response @James.Morrison.

Do you know if this is a feature that Auth0 has on its roadmap?

I canā€™t speak with insight on that but I would highly recommend visiting Auth0.com/feedback and making the feature request!

Hi!

Firebase/AWS have several services that need to be called with a token, so it makes sense for them to provide an ā€˜unauthenticated tokenā€™. However, in Auth0 there are no such services. If you build your own API, you can call it without being authenticated by not requiring a token in the header.

Can you help me understand what are you trying to accomplish?

Thanks

1 Like

Hi Andres,
we have two use cases for the same problem:

  1. User starts using our API before signup, then signup occurs after some onboarding. Ideally weā€™d like to keep the same user id and/or link to the signed up user account afterwards
  2. Need for our app to make calls to Firebase/AWS as you mentioned (e.g. AWS AppSync). Currently we need to handle both token and something else for unauthenticated users. Would be much nice to have a simpler approach.
1 Like

We are facing a quite similar usecase as @fabrice. So such flow would be very much appreciated!

Any update on this issue? Weā€™ve used AWS Cognito as a workaround ( it has user pools and unauthenticated IDs) but itā€™s not satisfactory. Just a suggestion: it would be great to have a new type of Auth0 connection such as Guest or Browser and be able to link IDs later on with a DB/Social/ā€¦ ID

Hi Andres,
In our flows, Auth0 is used as an IdP, which provides the JWT token that we use to access AWS/Firebase APIs (Auth0 is configured there as an ā€œOpenID Connect providerā€).
For guest sessions /unauthenticated users, we cannot use the same approach therefore we have to generate a JWT token in another way: itā€™s not convenient to have different models/paths for unauth/auth users. It would be much more elegant if Auth0 had a feature to generate a guest identity+JWT token for unauth users that we could later on link identities

3 Likes