I’m Gino and work as a Product Manager for a newly formed working group here at Auth0 called Developer Productivity team. Our mission is to craft seamless delightful developer experiences by accelerating time to value and making identity simpler and we’re all about improving the way you use our product everyday to have you in production in no time!
We really want to hear your frustrations (and joys why not?) when using Auth0. Right now we’re focused on the onboarding, initial set up and dashboard experience as a whole (Error messages, navigation, terminology, etc.) but we’re open to hear your thoughts on any other experience as well.
There are two ways in which you can contribute:
Leave a comment with your honest feedback on this topic
Book some time on our Calendar and we’ll be happy to have a quick 1:1 to hear you.
We’d love to know what you thought about your first experience with Auth0. Share your feedback so we can continue to improve the product and the experience for developers!
Hi @tore thanks for your feedback! I agree, having a direct access to our feedback page it’s definitely a good point. Any other thing you struggled with while implementing Auth0?
Yes, another annoyance is on the Applications → Settings form and when you press “Save changes” you don’t see next to the button if the save was successful or not, because the message “The changes have been saved.” message is shown at the top of the page/form and not next to the save button.
So, my suggestion is to also show the success/error messages after pressing the save button next to the button. Today you can press save and you think all is well, when in reality there’s an error displayed at the top of the page that you can’t see unless you actively scroll up the page.
I am grateful for Auth0 . The docs are very clear and beyond helpful. I was able to get started very quickly. I keep encountering an error that I’m certain is user error.
I plugged in pieces of the quickstart guide for the react-api and react-client implementation . I add the callback urls in setting. Sometimes it allows me to log in and sometimes I get an error message stating the Auth0 client cannot be found.
I’m absolutely going to second this. The docs are amazing and very detailed. One small annoyance with them that crops up every now and then is following a link and ending up at a 404… But with every changing docs, I absolutely understand that’s very hard to fully prevent (and it does happen only every so rarely).
I really like the dashboard. It allows me to access pretty much everything I need to access very quickly. There are just two things that come to mind:
When editing a user’s password, the dashboard doesn’t tell me if it’s compliant with the password policy for that connection. If it’s not, I don’t even get an error telling me that it’s not. It just does… nothing.
You can’t link and unlink user accounts from the dashboard. That would help a lot with quick troubleshooting. Jumping to the management API isn’t the biggest hurdle, but I’d like to just press a button to link or unlink (I know, I’m spoilt).
Glad to hear this one is getting fixed. You wouldn’t believe how often I edit application metadata, only to assume it saved automatically (the UX does kind of suggest that) and then pull my hairs out for ten minutes trying to figure out why my rules don’t properly trigger for that application
I am trying to get a working baseline NestJS + Angular app working with auth0. It’s really convenient that I see two tutorials with respective sample code posted by auth0 :
replace the configuration to match my auth0 app / api settings (domain, audience, and client ID )
update the app settings to match the article in auth0
Unfortunately, I am still unable to get sample applications working. I am unable to even get the sample HTTP calls described in the article, working in Postman. It’s still quite possible that it’s an error on my part, but I can’t identify what I’ve done wrong.
I’m experiencing the following specific issues:
Auth0 complained about getting no response from localhost:3000. Consequently, I’ve ensured the API sample responds to GET on / root
The sample lists ‘audience’ as ‘localhost:3000’. This results in a “Service not found error” until I looked at my API settings and updated the audience value to https://[mydomain].auth0.com/api/v2/. I was able to login successfully once.
Post a seemed to be a successful auth0 login, now I am still seemingly unable to get a new token. Now the error message is ‘Login required’ Tracking 93846645bfdf6ba500cc
auth0 keeps complaining about getting a 404 on http://localhost:4200/api/items, but it responds fine locally. Maybe the path should be updated to make the request to port 3000? UPDATE: the Angular app makes bad calls to the Nest API app i.e. It has a bad endpoint.
logging out doesn’t actually work, since it doesn’t seem to make a call to auth0
CORS isn’t enabled for the nest API app
Just noticed an issue for Application Settings. http://localhost:4200 is not treated the same as localhost:4200. This behavior is the probably the cause of 90% of my issues.
Hey there @blee, thank you for your feedback. I see that you are experiencing a number of issues and I would be happy to assist on them. Below I have tried to answer them but moving forward a separate Community topic may be the best place to further troubleshoot them.
After confirming with one of our senior engineers, the first step would be to revert back to the original audience (instead of the api/v2). The api/v2 audience is likely the cause of the service not found and the login required errors. Once the original audience has been returned, please verify the API is registered within Auth0.
Feel free to direct message me or create a new if you have any questions on this front. Thanks!
click login and enter your credentials to complete the process.
click logout.
click login.
That last click brings you back in without re-prompting for credentials. Of all sites, I’d expect Auth0 to follow the common practice of “logout means logout”. Also, this behavior means that to login under a different identity, I need to delete cookies/use private mode.
I have sent you a follow up direct message about this. When you get a moment if you could please give it a look I would appreciate it. Thank you for sharing this challenge!
@tore We fixed the saved settings notification in the Application settings screen. We also captured @thijmen96’s feedback regarding password policies and user accounts linking in the dashboard so we can inform future product improvements. Thanks a lot for the feedback!
individual samples to show focused aspects of the API are GOOD, but they themselves exhibit the problems that other people are posting about on this forum.
if the sample apps can’t successfully perform the authentication tasks, what hope is there for people just coming on?
specifically, the sample calling showLoginWithScope - call 1 works fine, call 2…n never shows the UX again - that’s such a bad design… the first two words are “show Login” - as in ALWAYS show it… not ‘show it, unless we think we don’t”
how about an actual real-world flow? buttons for “signup / sign in” with an optional “remember me”, followed by a “log out”, and have the automatic sign in occur if the user checks “remember me”, otherwise, back to the buttons
as it is right now, i’m in day 3 of trying to figure out how to make “showLogin”, show a login.
Are you looking at the sample in isolation or in tandem with the Quickstart? Be helpful if you could confirm which sample repo and chapter in particular you find the most confusing?
I’m hearing there is a miss alignment between some of the method names used in the sample and the expectation of what you think will happen. We could rename the method although it will not change the behaviour of Web Authentication itself. I’m interested in hearing your thoughts on what would make this clearer for you and help others avoid the same problem?
The flow when you look at sections such as User Sessions does show typical real-world flow, in an App you would expect to Login once and then the App will use refresh tokens to renew the users tokens. So this process is transparent to the user and there is no need to prompt the user with a Login Dialog UX every 24 hours.
The “log out” coincidentally is something being added just now.
