auth0/auth0-java

Java client library for the Auth0 platform https://auth0.com

Download

Step 1. Add the JitPack repository to your build file

Add it in your root settings.gradle at the end of repositories:

	dependencyResolutionManagement {
		repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
		repositories {
			mavenCentral()
			maven { url 'https://jitpack.io' }
		}
	}

Add it in your settings.gradle.kts at the end of repositories:

	dependencyResolutionManagement {
		repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
		repositories {
			mavenCentral()
			maven { url = uri("https://jitpack.io") }
		}
	}

Add to pom.xml

	<repositories>
		<repository>
		    <id>jitpack.io</id>
		    <url>https://jitpack.io</url>
		</repository>
	</repositories>

Add it in your build.sbt at the end of resolvers:

 
    resolvers += "jitpack" at "https://jitpack.io"

Add it in your project.clj at the end of repositories:

 
    :repositories [["jitpack" "https://jitpack.io"]]

Step 2. Add the dependency

	dependencies {
		implementation 'com.github.auth0:auth0-java:2.12.0'
	}
	dependencies {
		implementation("com.github.auth0:auth0-java:2.12.0")
	}
	<dependency>
	    <groupId>com.github.auth0</groupId>
	    <artifactId>auth0-java</artifactId>
	    <version>2.12.0</version>
	</dependency>

                            
    libraryDependencies += "com.github.auth0" % "auth0-java" % "2.12.0"
        
        

                            
    :dependencies [[com.github.auth0/auth0-java "2.12.0"]]

Readme

Note As part of our ongoing commitment to best security practices, we have rotated the signing keys used to sign previous releases of this SDK. As a result, new patch builds have been released using the new signing key. Please upgrade at your earliest convenience.

While this change won't affect most developers, if you have implemented a dependency signature validation step in your build process, you may notice a warning that past releases can't be verified. This is expected, and a result of the key rotation process. Updating to the latest version will resolve this for you.

We are improving our API specs which introduces minor breaking changes.

A Java client library for the Auth0 Authentication and Management APIs.

Build Status Coverage Status License Maven Central javadoc Ask DeepWiki

:books: Documentation - :rocket: Getting Started - :computer: API Reference :speech_balloon: Feedback

Documentation

  • Reference - code samples for Management APIs.
  • Examples - code samples for common auth0-java scenarios.
  • Migration Guide - guidance for updating your application to use version 3 of auth0-java.
  • Docs site - explore our docs site and learn more about Auth0.

Getting Started

Requirements

Java 8 or above.

auth0-java is intended for server-side JVM applications. Android applications should use the Auth0.Android SDK.

Installation

Add the dependency via Maven:

<dependency>
  <groupId>com.auth0</groupId>
  <artifactId>auth0</artifactId>
  <version>3.3.0</version>
</dependency>

or Gradle:

implementation 'com.auth0:auth0:3.3.0'

Configure the SDK

Authentication API Client

The Authentication API client is based on the Auth0 Authentication API.

Create an AuthAPI instance by providing the Application details from the dashboard.

AuthAPI auth = AuthAPI.newBuilder("{YOUR_DOMAIN}", "{YOUR_CLIENT_ID}", "{YOUR_CLIENT_SECRET}").build();

Management API Client

The Management API client is based on the Management API Docs. In v3, the Management API is Fern-generated and uses ManagementApi as the entry point.

Create a ManagementApi instance with a static token:

ManagementApi mgmt = ManagementApi.builder()
        .domain("{YOUR_DOMAIN}")
        .token("{YOUR_API_TOKEN}")
        .build();

Or use client credentials for automatic token management (recommended for server-to-server applications):

ManagementApi mgmt = ManagementApi.builder()
        .domain("{YOUR_DOMAIN}")
        .clientCredentials("{YOUR_CLIENT_ID}", "{YOUR_CLIENT_SECRET}")
        .build();

The Management API is organized into resource clients. Methods return typed response objects directly:

GetUserResponseContent user = mgmt.users().get("user_id");
GetRoleResponseContent role = mgmt.roles().get("role_id");

You can also obtain a token via the Authentication API and use it with the Management API client:

AuthAPI authAPI = AuthAPI.newBuilder("{YOUR_DOMAIN}", "{YOUR_CLIENT_ID}", "{YOUR_CLIENT_SECRET}").build();
TokenRequest tokenRequest = authAPI.requestToken("https://{YOUR_DOMAIN}/api/v2/");
TokenHolder holder = tokenRequest.execute().getBody();
String accessToken = holder.getAccessToken();
ManagementApi mgmt = ManagementApi.builder()
        .domain("{YOUR_DOMAIN}")
        .token(accessToken)
        .build();

See the Auth0 Management API documentation for more information on how to obtain API Tokens.

API Reference

Feedback

Contributing

We appreciate feedback and contribution to this repo! Before you get started, please see the following:

Raise an issue

To provide feedback or report a bug, please raise an issue on our issue tracker.

Vulnerability Reporting

Please do not report security vulnerabilities on the public Github issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

<p align="center"> <picture> <source media="(prefers-color-scheme: light)" srcset="https://cdn.auth0.com/website/sdks/logos/auth0_light_mode.png" width="150"> <source media="(prefers-color-scheme: dark)" srcset="https://cdn.auth0.com/website/sdks/logos/auth0_dark_mode.png" width="150"> <img alt="Auth0 Logo" src="./auth0_light_mode.png" width="150"> </picture> </p> <p align="center">Auth0 is an easy to implement, adaptable authentication and authorization platform. To learn more checkout <a href="https://auth0.com/why-auth0">Why Auth0?</a></p> <p align="center"> This project is licensed under the MIT license. See the <a href="./LICENSE"> LICENSE</a> file for more info.</p>