We want to use username-password authentication and protect our APIs using Auth0. Our front end (both mobile and web app) should use Auth0 UI to login users. I have a few questions.
- From the UI, if the user is not logged in we want to redirect and use Auth0 UI to login user using their username and password (no social media stuffs). If the user does not have an account we want to use Auth0 “create user” api to create user (using username-password combination).
- Once login is completed, UI should call our backend API with tokens in the http header.
- Backend should validate using the tokens
How do I do the above simple flow? Since Auth0 documentation is mixing up a lot of things , it is hard to understand. Some documentations are well written but there are key areas where it is missing the context and difficult to follow through.
Thanks in advance.