auth0/auth0-java

Java client library for the Auth0 platform https://auth0.com

Download

Step 1. Add the JitPack repository to your build file

Add it in your root settings.gradle at the end of repositories:

	dependencyResolutionManagement {
		repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
		repositories {
			mavenCentral()
			maven { url 'https://jitpack.io' }
		}
	}

Add it in your settings.gradle.kts at the end of repositories:

	dependencyResolutionManagement {
		repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
		repositories {
			mavenCentral()
			maven { url = uri("https://jitpack.io") }
		}
	}

Add to pom.xml

	<repositories>
		<repository>
		    <id>jitpack.io</id>
		    <url>https://jitpack.io</url>
		</repository>
	</repositories>

Add it in your build.sbt at the end of resolvers:

 
    resolvers += "jitpack" at "https://jitpack.io"

Add it in your project.clj at the end of repositories:

 
    :repositories [["jitpack" "https://jitpack.io"]]

Step 2. Add the dependency

	dependencies {
		implementation 'com.github.auth0:auth0-java:2.12.0'
	}
	dependencies {
		implementation("com.github.auth0:auth0-java:2.12.0")
	}
	<dependency>
	    <groupId>com.github.auth0</groupId>
	    <artifactId>auth0-java</artifactId>
	    <version>2.12.0</version>
	</dependency>

                            
    libraryDependencies += "com.github.auth0" % "auth0-java" % "2.12.0"
        
        

                            
    :dependencies [[com.github.auth0/auth0-java "2.12.0"]]

Readme

Note As part of our ongoing commitment to best security practices, we have rotated the signing keys used to sign previous releases of this SDK. As a result, new patch builds have been released using the new signing key. Please upgrade at your earliest convenience.

While this change won't affect most developers, if you have implemented a dependency signature validation step in your build process, you may notice a warning that past releases can't be verified. This is expected, and a result of the key rotation process. Updating to the latest version will resolve this for you.

A Java client library for the Auth0 Authentication and Management APIs.

Build Status Coverage Status License Maven Central javadoc

:books: Documentation - :rocket: Getting Started - :computer: API Reference :speech_balloon: Feedback

Documentation

  • Examples - code samples for common auth0-java scenarios.
  • Migration Guide - guidance for updating your application to use version 2 of auth0-java.
  • Docs site - explore our docs site and learn more about Auth0.

Getting Started

Requirements

Java 8 or above.

auth0-java is intended for server-side JVM applications. Android applications should use the Auth0.Android SDK.

Installation

Add the dependency via Maven:

<dependency>
  <groupId>com.auth0</groupId>
  <artifactId>auth0</artifactId>
  <version>2.26.0</version>
</dependency>

or Gradle:

implementation 'com.auth0:auth0:2.26.0'

Configure the SDK

Authentication API Client

The Authentication API client is based on the Auth0 Authentication API.

Create an AuthAPI instance by providing the Application details from the dashboard.

AuthAPI auth = AuthAPI.newBuilder("{YOUR_DOMAIN}", "{YOUR_CLIENT_ID}", "{YOUR_CLIENT_SECRET}").build();

Management API Client

The Management API client is based on the Management API Docs.

Create a ManagementAPI instance by providing the domain from the Application dashboard and a valid API Token.

ManagementAPI mgmt = ManagementAPI.newBuilder("{YOUR_DOMAIN}", "{YOUR_API_TOKEN}").build();

OR

Create a ManagementAPI instance by providing the domain from the Application dashboard and Token Provider.

TokenProvider tokenProvider = SimpleTokenProvider.create("{YOUR_API_TOKEN}");
ManagementAPI mgmt = ManagementAPI.newBuilder("{YOUR_DOMAIN}", TokenProvider).build();

The Management API is organized by entities represented by the Auth0 Management API objects.

User user = mgmt.users().get("auth0|user-id", new UserFilter()).execute().getBody();
Role role = mgmt.roles().get("role-id").execute().getBody();

You can use the Authentication API to obtain a token for a previously authorized Application:

AuthAPI authAPI = AuthAPI.newBuilder("{YOUR_DOMAIN}", "{YOUR_CLIENT_ID}", "{YOUR_CLIENT_SECRET}").build();
TokenRequest tokenRequest = authAPI.requestToken("https://{YOUR_DOMAIN}/api/v2/");
TokenHolder holder = tokenRequest.execute().getBody();
String accessToken = holder.getAccessToken();
ManagementAPI mgmt = ManagementAPI.newBuilder("{YOUR_DOMAIN}", accessToken).build();

An expired token for an existing ManagementAPI instance can be replaced by calling the setApiToken method with the new token.

See the Auth0 Management API documentation for more information on how to obtain API Tokens.

API Reference

Feedback

Contributing

We appreciate feedback and contribution to this repo! Before you get started, please see the following:

Raise an issue

To provide feedback or report a bug, please raise an issue on our issue tracker.

Vulnerability Reporting

Please do not report security vulnerabilities on the public Github issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

<p align="center"> <picture> <source media="(prefers-color-scheme: light)" srcset="https://cdn.auth0.com/website/sdks/logos/auth0_light_mode.png" width="150"> <source media="(prefers-color-scheme: dark)" srcset="https://cdn.auth0.com/website/sdks/logos/auth0_dark_mode.png" width="150"> <img alt="Auth0 Logo" src="./auth0_light_mode.png" width="150"> </picture> </p> <p align="center">Auth0 is an easy to implement, adaptable authentication and authorization platform. To learn more checkout <a href="https://auth0.com/why-auth0">Why Auth0?</a></p> <p align="center"> This project is licensed under the MIT license. See the <a href="./LICENSE"> LICENSE</a> file for more info.</p>