@auth0/auth0-acul-js

v1.1.0

Published

7 days ago

The Auth0 ACUL JS SDK enables you to work with Advanced Customization for Universal Login.

Auth0 ACUL JS SDK

📚 Documentation - 🚀 Getting Started - 💻 API Reference - Helper Functions - 💬 Feedback

The Auth0 ACUL JS SDK enables you to work with Advanced Customization for Universal Login.

It simplifies integrating authentication screens (login, signup, passwordless, passkey enrollment, etc.) into your web applications, providing the necessary tools for seamless implementation.

📚 Documentation

Quickstart - our guide for setting up the SDK on your app.
Guides - more guides for common use cases
Examples - code snippets for different customization use cases.
FAQs - Find answers to frequently asked questions about the Auth0 ACUL JS SDK.

🚀 Getting started

Prerequisites

Before starting, ensure that you have the following setup:

Custom Domain: Ensure that a custom domain is configured for your Auth0 tenant.
Screen Configuration: Set up the required authentication screens within your Auth0 flow.
For detailed steps, refer to the Configure ACUL Screens.

Installation

You can easily install the SDK via npm:

npm install @auth0/auth0-acul-js

After installing the SDK, you can import the relevant screen module, which you want to configure

Importing Screens

// Default import of any particular screen, eg: login-id screen
import  LoginId  from '@auth0/auth0-acul-js/login-id'; 

// Named import of any screen
import  { LoginId }  from '@auth0/auth0-acul-js'; 

// Default import of all screens
import  * as Screens  from '@auth0/auth0-acul-js';

Note: For more details on import paths for all screens, refer to the FAQ's.

👨‍💻 Usage

Adding Functionality to Your Screens

Let’s look at an example for adding logic to the login-id screen.

Example: Add Logic to Login Button

  import  LoginId  from '@auth0/auth0-acul-js/login-id';

  const loginIdManager = new LoginId();

  // Trigger the login method on button click
  loginIdManager.login({
    username: "testUser"
  });

Get List of Mandatory Fields for Login

const { transaction } = loginIdManager
const requiredFields = transaction.getActiveIdentifiers();

Integrating Social Connections for Login

To allow users to login via social connections (e.g., Google, Facebook), use the following snippet

import  LoginId  from "@auth0/auth0-acul-js/login-id";
const loginIdManager = new LoginId();

// Check if alternateConnections is available and has at least one item
if (!loginIdManager.transaction.alternateConnections) {
  console.error('No alternate connections available.');
}

// Select the first available connection (users can select any available connection)
const selectedConnection = alternateConnections[0];

// Log the chosen connection for debugging or informational purposes
console.log(`Selected connection: ${selectedConnection.name}`);

// Proceed with social login using the selected connection
loginIdManager.socialLogin({
  connection: selectedConnection.name,
})

Error handling for Login

A top-level getter function, getErrors, can be used to retrieve detailed authentication errors when backend validation fails.

import Login from "@auth0/auth0-acul-js/login";

const loginIdManager = new Login();

const errors = loginIdManager.getErrors();
if (errors) {
  console.error("Login failed:", errors);
}

Same can also be achieved using the transaction.errors available directly on the screen context for each screen.

import Login from "@auth0/auth0-acul-js/login";

const loginIdManager = new Login();

const errors = loginIdManager.transaction?.errors ?? [];
if (errors) {
  console.error("Login failed:", errors);
}

For more examples, visit our examples

Quick Start with Boilerplate App

Get up and running quickly with our boilerplate starter template: Link

💻 API reference

Screens

| No. | Prompt | Screen Name | Documentation Link | |--------|--------------------|-------------------|--------------------------------------------------------------------------------------------| | 1 | login | login | Link | | 2 | login-id | login-id | Link | | 3 | login-password | login-password | Link | | 4 | signup-id | signup-id | Link | | 5 | signup-password | signup-password | Link |

| No. | Prompt |--------|------------ | 6 | login-passwordless | 7 | login-passwordless | 8 | passkeys | 9 | passkeys | 10 | phone-ident | 11 | phone-ident | 12 | email-ident | 13 | captcha | 14 | reset-password | 15 | reset-password | 16 | reset-password | 17 | reset-password | 18 | reset-password | 19 | signup | 20 | mfa | 21 | mfa | 22 | mfa | 23 | mfa | 24 | mfa-push | 25 | mfa-push | 26 | mfa-push | 27 | mfa-push | 28 | mfa-sms | 29 | mfa-sms | 30 | mfa-sms | 31 | mfa-sms | 32 | mfa-email | 33 | mfa-email | 34 | invitatino | 35 | organizations | 36 | organizations | 37 | reset-password | 38 | mfa-otp | 39 | mfa-otp | 40 | reset-password | 41 | reset-password | 42 | reset-password | 43 | reset-password | 44 | mfa-phone | 45 | mfa-voice | 46 | mfa-recovery-code | 47 | device-flow | 48 | device-flow | 49 | device-flow | 50 | reset-password | 51 | reset-password | 52 | common | 53 | device-flow | 54 | mfa-phone | 55 | mfa-voice | 56 | mfa-recovery-code | 57 | reset-password | 58 | mfa-recovery-code | 59 | logout | 60 | logout | 61 | logout | 62 | email-verification | 63 | login-email-verification | 64 |mfa-webauthn | 65 |mfa-webauthn | 66 |mfa-webauthn | 67 |mfa-webauthn | 68 |mfa-webauthn | 69 |mfa-webauthn | 70 |mfa-webauthn | 71 |mfa-webauthn | 72 |reset-password | 73 |reset-password | 74 |consent | 75 |customized-consent | 76 |email-otp-challenge | Screen Name | Documentation Link | --------------------|-------------------------------------------|-------------------------------------------------------------------------------------------------------| | login-passwordless-email-code | Link | | login-passwordless-sms-otp | Link | | passkey-enrollment | Link | | passkey-enrollment-local | Link | ifier-enrollment | phone-identifier-enrollment | Link | ifier-challenge | phone-identifier-challenge | Link | ifier-challenge | email-identifier-challenge | Link | | interstitial-captcha | Link | | reset-password-email | Link | | reset-password-request | Link | | reset-password | Link | | reset-password-error | Link | | reset-password-success | Link | | signup | Link | | mfa-detect-browser-capabilities | Link | | mfa-enroll-result | Link | | mfa-begin-enroll-options | Link | | mfa-login-options | Link | | mfa-push-enrollment-qr | Link | | mfa-push-welcome | Link | | mfa-push-challenge-push | Link | | mfa-push-list | Link | | mfa-country-codes | Link | | mfa-sms-challenge | Link | | mfa-sms-enrollment | Link | | mfa-sms-list | Link | | mfa-email-challenge | Link | | mfa-email-list | Link | | accept-invitation | Link | | organization-picker | Link | | organization-selection | Link | | mfa-otp-challenge | Link | | mfa-otp-enrollment-code | Link | | mfa-otp-enrollment-qr | Link | | reset-password-mfa-email-challenge | Link | | reset-password-mfa-push-challenge-push | Link| | mfa-sms-challenge | Link | | reset-password-mfa-otp-challenge | Link | | mfa-phone-enrollment | Link | | mfa-voice-enrollment | Link | | mfa-recovery-code-challenge | Link | | device-code-activation-allowed | Link | | device-code-activation-denied | Link | | device-code-activation | Link | | reset-password-mfa-recovery-code-challenge | Link | | reset-password-mfa-voice | Link | | redeem-ticket | Link | | device-code-confirmation | Link | | mfa-phone-challenge | Link | | mfa-voice-challenge | Link | | mfa-recovery-code-enrollment | Link | | reset-password-mfa-phone-challenge | Link | | mfa-recovery-code-challenge-new-code | Link | | logout | Link | | logout-aborted | Link | | logout-complete | Link | | email-verification-result | Link | | login-email-verification | Link | | mfa-webauthn-platform-enrollment | Link | | mfa-webauthn-error | Link | | mfa-webauthn-roaming-enrollment | Link | | mfa-webauthn-roaming-challenge | Link | | mfa-webauthn-platform-challenge | Link | | mfa-webauthn-enrollment-success | Link | | mfa-webauthn-change-key-nickname | Link | | mfa-webauthn-not-available-error | Link | | reset-password-mfa-webauthn-platform-challenge | Link | | reset-password-mfa-webauthn-roaming-challenge | Link | | consent | Link | | customized-consent | Link | | email-otp-challenge | Link |

Helper Functions

This section documents the helper methods and properties exposed by the screen instance in auth0-acul-js.

Context properties

user- Current user/profile data for the active transaction.
tenant- Tenant configuration and metadata (domain, region, settings).
branding- Branding/theme config (colors, logos, fonts, visual tokens).
client- Application client metadata and settings.
organization- Organization context when applicable.
prompt- Current prompt / flow configuration.
untrustedData- Untrusted inputs (URL params, prefilled form values).
screen- Current screen metadata and configuration.
transaction- Transaction / flow state, session identifiers and related data.

Identifier management

getLoginIdentifiers(): Get available login identifier types (email, phone, username)
getSignupIdentifiers(): Get available signup identifier types, each with its required status

Form validation

validatePassword(password: string): Real-time password strength validation
validateUsername(username: string): Username format and availability validation

MFA / Push polling & resend

pollingManager(): Starts and manages polling for an MFA push challenge.
resendManager() Gets resend functionality with timeout management for this screen.

Common helpers

getCurrentScreen()
Return the current screen context data.
getCurrentThemeOptions() Gets the current theme options with flattened configuration from branding context.
getErrors() Gets the current errors from the transaction context

💬 Feedback

Contributing

We appreciate feedback and contribution to this repo! Before you get started, please see the following:

Raise an issue

To provide feedback or report a bug, please raise an issue on our issue tracker.

Vulnerability Reporting

Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.