@auth0/nextjs-auth0 - v4.2.1
@auth0/nextjs-auth0 - v4.3.0
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications.
This project is licensed under the MIT license. See the LICENSE file for more info. -
Optionalmessage: stringOptionalmessage: stringOptionalmessage: stringOptionalmessage: stringOptionalmessage: stringOptionalmessage: stringOptionalmessage: stringOptionalmessage: stringAbstractAbstractOptionalmessage: stringOptionalmessage: stringAbstractAbstractcalculateMaxAge calculates the max age of the session based on createdAt and the rolling and absolute durations.
-Abstractdeleteepoch returns the time since unix epoch in seconds.
-AbstractgetAbstractsetsave adds the encrypted session cookie as a Set-Cookie header. If the iat property
+
calculateMaxAge calculates the max age of the session based on createdAt and the rolling and absolute durations.
+Abstractdeleteepoch returns the time since unix epoch in seconds.
+AbstractgetAbstractsetsave adds the encrypted session cookie as a Set-Cookie header. If the iat property
is present on the session, then it will be used to compute the maxAge cookie value.
OptionalisNew: booleanOptionalisNew: booleangetAccessToken returns the access token.
This method can be used in Server Components, Server Actions, and Route Handlers in the App Router.
NOTE: Server Components cannot set cookies. Calling getAccessToken() in a Server Component will cause the access token to be refreshed, if it is expired, and the updated token set will not to be persisted.
It is recommended to call getAccessToken(req, res) in the middleware if you need to retrieve the access token in a Server Component to ensure the updated token set is persisted.
getAccessToken returns the access token.
+getAccessToken returns the access token.
This method can be used in middleware and getServerSideProps, API routes in the Pages Router.
getSession returns the session data for the current request.
+getSession returns the session data for the current request.
This method can be used in Server Components, Server Actions, and Route Handlers in the App Router.
-getSession returns the session data for the current request.
+getSession returns the session data for the current request.
This method can be used in middleware and getServerSideProps, API routes in the Pages Router.
middleware mounts the SDK routes to run as a middleware function.
-updateSession updates the session of the currently authenticated user. If the user does not have a session, an error is thrown.
+middleware mounts the SDK routes to run as a middleware function.
+updateSession updates the session of the currently authenticated user. If the user does not have a session, an error is thrown.
This method can be used in middleware and getServerSideProps, API routes, and middleware in the Pages Router.
updateSession updates the session of the currently authenticated user. If the user does not have a session, an error is thrown.
+updateSession updates the session of the currently authenticated user. If the user does not have a session, an error is thrown.
This method can be used in Server Actions and Route Handlers in the App Router.
-getTokenSet returns a valid token set. If the access token has expired, it will attempt to +
TransactionStore is responsible for storing the state required to successfully complete +
TransactionStore is responsible for storing the state required to successfully complete an authentication transaction. The store relies on encrypted, stateless cookies to store the transaction state.
-
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications.
This project is licensed under the MIT license. See the LICENSE file for more info. -
OptionalallowAllow insecure requests to be made to the authorization server. This can be useful when testing
with a mock OIDC provider that does not support TLS, locally.
This option can only be used when NODE_ENV is not set to production.
OptionalappThe URL of your application (e.g.: http://localhost:3000).
OptionalappThe URL of your application (e.g.: http://localhost:3000).
If it's not specified, it will be loaded from the APP_BASE_URL environment variable.
OptionalauthorizationAdditional parameters to send to the /authorize endpoint.
OptionalbeforeA method to manipulate the session before persisting it.
+OptionalauthorizationAdditional parameters to send to the /authorize endpoint.
OptionalbeforeA method to manipulate the session before persisting it.
See beforeSessionSaved for additional details
-OptionalclientThe algorithm used to sign the client assertion JWT. +
OptionalclientThe algorithm used to sign the client assertion JWT.
Uses one of token_endpoint_auth_signing_alg_values_supported if not specified.
If the Authorization Server discovery document does not list token_endpoint_auth_signing_alg_values_supported
this property will be required.
OptionalclientPrivate key for use with private_key_jwt clients.
+
OptionalclientPrivate key for use with private_key_jwt clients.
This should be a string that is the contents of a PEM file or a CryptoKey.
OptionalclientThe Auth0 client ID.
+OptionalclientThe Auth0 client ID.
If it's not specified, it will be loaded from the AUTH0_CLIENT_ID environment variable.
OptionalclientThe Auth0 client secret.
+OptionalclientThe Auth0 client secret.
If it's not specified, it will be loaded from the AUTH0_CLIENT_SECRET environment variable.
OptionaldomainThe Auth0 domain for the tenant (e.g.: example.us.auth0.com).
OptionaldomainThe Auth0 domain for the tenant (e.g.: example.us.auth0.com).
If it's not specified, it will be loaded from the AUTH0_DOMAIN environment variable.
OptionalenableBoolean value to opt-out of sending the library name and version to your authorization server +
OptionalenableBoolean value to enable the /auth/access-token endpoint for use in the client app.
Defaults to true.
NOTE: Set this to false if your client does not need to directly interact with resource servers (Token Mediating Backend). This will be false for most apps.
A security best practice is to disable this to avoid exposing access tokens to the client app.
+ +OptionalenableBoolean value to opt-out of sending the library name and version to your authorization server
via the Auth0-Client header. Defaults to true.
OptionalhttpInteger value for the HTTP timeout in milliseconds for authentication requests. +
OptionalhttpInteger value for the HTTP timeout in milliseconds for authentication requests.
Defaults to 5000 ms.
OptionalonA method to handle errors or manage redirects after attempting to authenticate.
+OptionalonA method to handle errors or manage redirects after attempting to authenticate.
See onCallback for additional details
-OptionalpushedIf enabled, the SDK will use the Pushed Authorization Requests (PAR) protocol when communicating with the authorization server.
-OptionalroutesConfigure the paths for the authentication routes.
+OptionalpushedIf enabled, the SDK will use the Pushed Authorization Requests (PAR) protocol when communicating with the authorization server.
+OptionalroutesConfigure the paths for the authentication routes.
See Custom routes for additional details.
-OptionalsecretA 32-byte, hex-encoded secret used for encrypting cookies.
+OptionalsecretA 32-byte, hex-encoded secret used for encrypting cookies.
If it's not specified, it will be loaded from the AUTH0_SECRET environment variable.
OptionalsessionConfigure the session timeouts and whether to use rolling sessions or not.
+OptionalsessionConfigure the session timeouts and whether to use rolling sessions or not.
See Session configuration for additional details.
-OptionalsessionA custom session store implementation used to persist sessions to a data store.
+OptionalsessionA custom session store implementation used to persist sessions to a data store.
See Database sessions for additional details.
-OptionalsignThe path to redirect the user to after successfully authenticating. Defaults to /.
OptionaltransactionConfigure the transaction cookie used to store the state of the authentication transaction.
-OptionalsignThe path to redirect the user to after successfully authenticating. Defaults to /.
OptionaltransactionConfigure the transaction cookie used to store the state of the authentication transaction.
+OptionalallowOptionalauthorizationOptionalbeforeOptionalclientOptionalclientOptionalclientOptionalenableOptionalfetchOptionalallowOptionalauthorizationOptionalbeforeOptionalclientOptionalclientOptionalclientOptionalenableOptionalenableOptionalfetchOptionalinit: RequestInitOptionalinit: RequestInitOptionalhttpOptionaljwksOptionalonOptionalpushedOptionalroutesOptionalsignOptionalinit: RequestInitOptionalhttpOptionaljwksOptionalonOptionalpushedOptionalroutesOptionalsignAdditional authorization parameters.
-Additional authorization parameters.
+OptionalaudienceThe unique identifier of the target API you want to access.
-Optionalmax_The maximum amount of time, in seconds, after which a user must reauthenticate.
-Optionalredirect_The URL to which the authorization server will redirect the user after granting authorization.
-OptionalscopeThe scope of the access request, expressed as a list of space-delimited, case-sensitive strings. +
Optionalmax_The maximum amount of time, in seconds, after which a user must reauthenticate.
+Optionalredirect_The URL to which the authorization server will redirect the user after granting authorization.
+OptionalscopeThe scope of the access request, expressed as a list of space-delimited, case-sensitive strings.
Defaults to "openid profile email offline_access".
OptionalabsoluteThe absolute duration after which the session will expire. The value must be specified in seconds..
Once the absolute duration has been reached, the session will no longer be extended.
Default: 3 days.
-OptionalcookieThe options for the session cookie.
-OptionalinactivityThe duration of inactivity after which the session will expire. The value must be specified in seconds.
+OptionalcookieThe options for the session cookie.
+OptionalinactivityThe duration of inactivity after which the session will expire. The value must be specified in seconds.
The session will be extended as long as it was active before the inactivity duration has been reached.
Default: 1 day.
-OptionalrollingA boolean indicating whether rolling sessions should be used or not.
+OptionalrollingA boolean indicating whether rolling sessions should be used or not.
When enabled, the session will continue to be extended as long as it is used within the inactivity duration.
Once the upper bound, set via the absoluteDuration, has been reached, the session will no longer be extended.
Default: true.
OptionalnameThe name of the session cookie.
Default: __session.
OptionalsameThe sameSite attribute of the session cookie.
+OptionalsameThe sameSite attribute of the session cookie.
Default: lax.
OptionalsecureThe secure attribute of the session cookie.
+OptionalsecureThe secure attribute of the session cookie.
Default: depends on the protocol of the application's base URL. If the protocol is https, then true, otherwise false.
Destroys the session with the given session ID.
-OptionaldeleteDeletes the session with the given logout token which may contain a session ID or a user ID, or both.
-Gets the session from the store given a session ID.
-Upsert a session in the store given a session ID and SessionData.
OptionaldeleteDeletes the session with the given logout token which may contain a session ID or a user ID, or both.
+Gets the session from the store given a session ID.
+Upsert a session in the store given a session ID and SessionData.
OptionalabsoluteThe absolute duration after which the session will expire. The value must be specified in seconds..
Once the absolute duration has been reached, the session will no longer be extended.
Default: 3 days.
-OptionalcookieThe options for the session cookie.
-OptionalcookieOptionalinactivityThe duration of inactivity after which the session will expire. The value must be specified in seconds.
+OptionalcookieThe options for the session cookie.
+OptionalcookieOptionalinactivityThe duration of inactivity after which the session will expire. The value must be specified in seconds.
The session will be extended as long as it was active before the inactivity duration has been reached.
Default: 1 day.
-OptionalrollingA boolean indicating whether rolling sessions should be used or not.
+OptionalrollingA boolean indicating whether rolling sessions should be used or not.
When enabled, the session will continue to be extended as long as it is used within the inactivity duration.
Once the upper bound, set via the absoluteDuration, has been reached, the session will no longer be extended.
Default: true.
OptionalstoreOptionalstoreOptionalreturnThe URL to redirect to after a successful login.
+OptionalprefixThe prefix of the cookie used to store the transaction state.
Default: __txn_{state}.
OptionalsameThe sameSite attribute of the transaction cookie.
+OptionalsameThe sameSite attribute of the transaction cookie.
Default: lax.
OptionalsecureThe secure attribute of the transaction cookie.
+OptionalsecureThe secure attribute of the transaction cookie.
Default: depends on the protocol of the application's base URL. If the protocol is https, then true, otherwise false.
Any other JWT Claim Set member.
-Any other JWT Claim Set member.
+
Errors that come from Auth0 in the
redirect_uricallback may contain reflected user input via the OpenID Connecterroranderror_descriptionquery parameter. +- Preparing search index...
- The search index is not available
@auth0/nextjs-auth0 - v4.3.0Class OAuth2Error
Errors that come from Auth0 in the
-redirect_uricallback may contain reflected user input via the OpenID Connecterroranderror_descriptionquery parameter. You should not render the errormessage, orerroranderror_descriptionproperties without properly escaping them first.Hierarchy (View Summary)
Index
Constructors
Hierarchy (View Summary)
Index
Constructors
Properties
Constructors
constructor
__namedParameters: { code: string; message?: string },
): OAuth2Error
Parameters
Returns OAuth2Error
Properties
code
Settings
On This Page
Constructors
Properties