Secure custom UI login with the Authentication API

ben18 · August 8, 2022, 2:12pm

Our requirements have moved beyond the Universal login and now we want to implement a custom signup/login UI using the Authentication API (https://auth0.com/docs/api/authentication).

We use a Vue.JS front end and Spring boot backend. The plan is to wrap the Authentication API endpoints in the backend.

We want to understand what the security considerations are before doing this? Specifically, if we go down this route, are we sacrificing any security measures that were in place in the Universal login implementation? Have examined the docs but aren’t sure yet.

dan.woda · August 26, 2022, 9:06pm

Hi @ben18,

Welcome to the Auth0 Community!

Our docs are pretty extensive when it comes to the risks of the different styles of login, this doc in particular: Centralized Universal Login vs. Embedded Login

Also, it’s important to note that universal login essentially means redirect-based login, and doesn’t necessarily mean you are using Auth0’s UI. You can create a fully custom (bring your own HTML/CSS) login page and still be using Universal Login. The opposite would be an embedded login form.

This doc explains how to use Universal Login and your own UI: Customize Classic Universal Login Pages with Lock or SDK

Topic		Replies	Views
Custom Login vs Universal Login: customization and security Help custom-login	4	8437	July 5, 2019
Universal Login with custom UI Help login-experience , new-universal-login-experience	6	487	April 11, 2024
How to build a custom UI for password-less Universal login Help passwordless , login , universal-login	2	2358	July 21, 2022
Secure login for custom authentication Help home-realm-discovery , login-experience	0	1431	November 9, 2022
How do I implement a custom UI Login instead of using lock? Help	4	45404	February 7, 2019

Secure custom UI login with the Authentication API

Related Topics