Hello Auth0 community,
I’m working on a Next.js 14 application and I’m trying to improve the security of my Auth0 integration. My goal is to retrieve the client_id and client_secret from Azure Key Vault instead of storing them in a local .env file.
I’m using the Auth0 SDK for Next.js and have set up a custom handleAuth route. Initially, I thought I could simply fetch the credentials from Azure Key Vault and pass them directly to the handleLogin function like this:
```typescript
export const GET = handleAuth({
  login: handleLogin({
    authorizationParams: {
      scope: 'openid profile email',
      redirect_uri: redirectUri,
      client_id: 'fetched_client_id_from_azure_key_vault',
    },
    returnTo: '/equipment',
  }),
  // ... other handlers
});
```
However, I’ve encountered two issues:
- Despite the TypeScript intellisense suggesting that `client_id` is a valid property for `authorizationParams`, when I add it, I still get a console error: “Uncaught Error: “clientID” is required”.
- The official Auth0 documentation doesn’t list `client_id` as a property of `AuthorizationParams`.
This leads me to two questions:
- Is the Next.js Auth0 SDK’s TypeScript definition potentially misleading by suggesting `client_id` as a valid property?
- What’s the correct way to provide the `client_id` (and potentially `client_secret`) to the Auth0 SDK when they’re fetched from an external source like Azure Key Vault, rather than being stored in environment variables?
I’d greatly appreciate any insights or best practices for securely integrating Auth0 with Azure Key Vault in a Next.js 14 application. Thank you in advance for your help!