Auth0 Account
We assume that you have an Auth0 account. If you don't have one, you can create a free account here.
Auth0 Configuration
To integrate Auth0 with the Wallet API, you need to configure the Auth0 application and the Wallet API. The following steps guide you through the configuration process.
Step 1: Create an Auth0 Application
- Log in to your Auth0 account.
- Click on the Applications tab.
- Click on the Create Application button.
- Select the Regular Web Application option.
- Enter a name for your application.
- Click on the Create button.
- In the Settings tab, configure the following settings:
- Allowed Web Origins: Enter the URL of your application. For example,
https://wallet.walt.id
. - Allowed Callback URLs: Enter the callback URL of your application. For
example,
https://wallet.walt.id/wallet-api/auth/oidc-session
. - Allowed Logout URLs: Enter the logout URL of your application. For example,
https://wallet.walt.id/logout
. - Allowed Origins (CORS): Enter the URL of your application. For example,
https://wallet.walt.id
.
- Allowed Web Origins: Enter the URL of your application. For example,
Step 2: Configure the Wallet API
In the Wallet API, you need to configure the Auth0 settings in the oidc.conf
file.
oidc.conf
enableOidcLogin = true
providerName = auth0
# Enter the realm URL
oidcRealm = "https://dev-rv0r7nb07450ieht.us.auth0.com/"
# JWKS (to verify access keys the user claims to received through OIDC server)
oidcJwks = "{{oidcRealm}}/.well-known/jwks.json"
oidcScopes = ["openid",
"profile",
"offline_access",
"name",
"given_name",
"family_name",
"nickname",
"email",
"email_verified",
"picture",
"created_at",
"identities",
"phone",
"address","read:user_idp_tokens"]
authorizeUrl = "{{oidcRealm}}/authorize"
accessTokenUrl = "{{oidcRealm}}/oauth/token"
logoutUrl = "{{oidcRealm}}/oidc/logout"
clientId = "j5QFcCKd4iX9uTKudVnjqrtBaNaG2hHJ"
clientSecret = "GtuJ38HEcjjMjm8iC5CNGN8w1F_RDrn-OngT2JpXpub9M-SBgyXCkBbeTSqdRm6u"
audience = "{{oidcRealm}}/api/v2/"
# Keycloak authentication strategy
keycloakUserApi = ""
userEndpoint = "{{oidcRealm}}/userinfo"
# JWKS is cached:
jwksCache = {
cacheSize = 10
cacheExpirationHours = 24
rateLimit: {
bucketSize: 10
refillRateMinutes: 1
}
}