JWT token for guest/anonymous/unauthenticated users


Does Auth0 provides any way to provide JWT tokens for guest/anonymous/unauthenticated users?

I am asking for something similar to Firebase anonymous auth or AWS Cognito unauthenticated users.


1 Like

Hello there @eloypnd.lemonone! I checked with our TSE team and confirmed that there must be a user in Auth0 to create the Token. Please let me know if this helped answer your question. Thanks!

Thanks for your response @James.Morrison.

Do you know if this is a feature that Auth0 has on its roadmap?

I can’t speak with insight on that but I would highly recommend visiting Auth0.com/feedback and making the feature request!


Firebase/AWS have several services that need to be called with a token, so it makes sense for them to provide an ‘unauthenticated token’. However, in Auth0 there are no such services. If you build your own API, you can call it without being authenticated by not requiring a token in the header.

Can you help me understand what are you trying to accomplish?


1 Like

Hi Andres,
we have two use cases for the same problem:

  1. User starts using our API before signup, then signup occurs after some onboarding. Ideally we’d like to keep the same user id and/or link to the signed up user account afterwards
  2. Need for our app to make calls to Firebase/AWS as you mentioned (e.g. AWS AppSync). Currently we need to handle both token and something else for unauthenticated users. Would be much nice to have a simpler approach.
1 Like

We are facing a quite similar usecase as @fabrice. So such flow would be very much appreciated!

Any update on this issue? We’ve used AWS Cognito as a workaround ( it has user pools and unauthenticated IDs) but it’s not satisfactory. Just a suggestion: it would be great to have a new type of Auth0 connection such as Guest or Browser and be able to link IDs later on with a DB/Social/… ID

Hi Andres,
In our flows, Auth0 is used as an IdP, which provides the JWT token that we use to access AWS/Firebase APIs (Auth0 is configured there as an “OpenID Connect provider”).
For guest sessions /unauthenticated users, we cannot use the same approach therefore we have to generate a JWT token in another way: it’s not convenient to have different models/paths for unauth/auth users. It would be much more elegant if Auth0 had a feature to generate a guest identity+JWT token for unauth users that we could later on link identities