Now Available! Permit Elements. Learn More

  • IAM
  • Tutorials

A Guide for an Awesome Custom Auth0 Universal login

A complete step by step guide to fully customize the auth0 login screen

Oded Ben David

Jan 24 2022
A Guide for an Awesome Custom Auth0 Universal login
Share:

Your login and sign-up screens are the gateway to your app - the first thing a person sees before entering your actual application. So, they better look amazing, if you want an awesome app.

While creating our own login screen at Permit.io, I had to review and collect data from multiple different guides, so I finally decided to incorporate them into one unified guide that will help you transform your own login screen completely.

In this guide, we will cover:

Using Auth0 authentication has its advantages - It’s fast, secure, and highly functional. 

That being said, you can’t have the first thing your user sees when entering your app look like this: 

unnamed (1).png

5 reasons why you should customize the default Auth0 login -

While functional, using the default Auth0 login screen has some key issues:

  • While the login / sign-up screen is a crucial step in a user’s onboarding process, the default Auth0 login screen lacks some important elements - The company name is there, but the overall look is different. This makes the login screen seem like a foreign entity inside your application. And that’s not a good user experience. 

  • The default option Auth0 provides in login through an external domain that belongs to Auth0, meaning each time someone wants to log in to use your application they are redirected to a domain outside that of your company. Your users might have no idea what Auth0 is, or why they are referred to this external website to provide their login information. This looks both unprofessional and unsecure. 

  • This sense of unfamiliarity creates another issue: because the login screen doesn’t look like the rest of your company’s user interface, and it is based on a domain outside your company, it can be easily interpreted by the user as a phishing attack.

  • The message displayed reads: “Log in to ‘Company Name’ to continue to ‘Application Name’”. Not only is this not the most inviting message, changing it is no trivial task (As we will see later on).

  • The login interface uses only a small percentage of your screen, the rest of it being just one color, making it look quite dull and uninviting on one of the most important screens in your entire app. 

While the good news is that most of these features are customizable, the bad news is that implementing these customizations is no easy feat, and far from intuitive. Hence this guide 😉

What can we do about this?

Overcoming these issues took me a while, but we were very pleased with the end result:

Component 1.png


So how did we get here? Let’s review the steps:

1. Enabling custom domains

As we have stated before, having your login/signup based in a domain outside your company creates various issues. Apart from that, Auth0 only allows you to customize your login screen by using a custom domain - which is a paid feature. 

To do this - 

  • Choose the correct tenant (most likely production).

  • In the left sidebar go to Branding Custom Domains.
    (If you haven’t upgraded your plan to include custom domain support, you will need to do that first).

Custom Domain
  • Approve your custom domain through the instructions provided by Auth0 to prove that you actually own it (This includes adding some TXT entries to the domain).
  • This is what an approved custom domain should look like (notice the ready status):

Custom Domain Enabled

2. Editing the login template

Now that we have a custom domain, we can get to editing the login screen itself. 

If you check out Auth0’s documentation you will notice they suggest using POST requests to update the template. This means posting all of the code for the entire page every time we want to make the smallest of changes. That can be a huge hassle. 

To overcome this issue, I used Auth0 CLI (That’s still in beta, but works *almost* perfectly) which utilizes Storybook. Auth0 CLI allows you to edit the login template from your code editor while previewing those changes in Storybook as you go along

How to do this:

  • Download Auth0 CLI:

    On Mac: 

    [brew tap auth0/auth0-cli && brew install auth0]

    On Linux:

    [brew tap auth0/auth0-cli && brew install auth0]

    On windows (With Scoop):

    [scoop bucket add auth0 https://github.com/auth0/scoop-auth0-cli.git 
    ⁠scoop install auth0]

    Check this link for more options.

  • Login to your account using the following command: 

    auth0 login

  • Run the following command: 

    auth0 branding templates update

  • This will open your default code editor (I recommend setting VSCode as your default editor), and a Storybook window in your browser, previewing the current state of your login screen. 

  • When you make changes in your code editor, you see them updated live in the Storybook preview window. 

    StoryBook Preview

This is how the StoryBook preview looks like

  • Remember to add {%- auth0:head -%} in the HTML head tag
    and {%- auth0:widget -%} where you want the Auth0 widget to be injected. 

    This is an example of a basic template that displays the Auth0 login:

    ⁠html
    <!DOCTYPE html><html>
      <head>
        {%- auth0:head -%}
      </head>
      <body>
        {%- auth0:widget -%}
      </body></html>
  • When you close the editor, Auth0 CLI will ask you if you want to update the login template. 

    Update Login Template
  • Approve, and you’re done! 

Important note:

The authentication widget previewed on Storybook is not identical to the actual one that is going to appear on your website. These could also display a bit differently on mobile/different screens - so make sure to recheck everything in your real environment after updating your template

Versus

Note the Storybook preview (Left) vs. the actual version (right).

3. Editing Auth0 widget default title and description

In this part, I’ll explain how to change the default text templates provided in the Auth0 login screen through API management. The default text will look like this:

Log in to `Company Name’ to continue to ‘Application Name’
To do this:
  • First, you will need to get your API management token: Go to  ApplicationsAPIs, click on Auth0 Management API. Go to the API Explorer tag, and copy the token by clicking the copy icon on the right. 

    Copy

    APIs


Token

  • Go to the Auth0 “prompt: login” Documentation, and get the names of the strings you want to change. For example, the key for the following login screen string:

    Log in to ${companyName} to continue to ${clientName}

    Is description.

  • Go to “Set custom text for a specific prompt” in Auth0’s API management docs.

  • On the top left side of the screen, click “Set API Token”, and paste the API token you copied. 

    unnamed (11).png
  • Select the prompt you would like to make changes to (in our case: login)
  • Select the language (in our case: EN - English)

  • Under “body” - add all of the changes you wish to make in this prompt (in our case: description and title) 

Custom Text

NOTE: If you want to change more than one prompt, you have to make both changes first, and then save them together. If you do them separately the first will revert to its original state.

  • Click TRY to save your changes.

Try

You may want to repeat this process to edit your signup widget as well. To do this, locate the text you want to change here, and repeat the process while choosing signup instead of login 
in all the steps.

4. Things you cannot do with Auth0 universal login

As of the writing of this guide, a feature to change the login widget to request the user to repeat the password on signup is not yet available. A GitHub issue for this has been open since 2014, yet no relevant action was taken.

I hope this guide enabled you to set up your own authentication via Auth0. 

Usually, once you have authentication set up, the next step is to do authorization!
Check out our blog post on the 5 best practices for building cloud-native permissions, or visit permit.io to learn more about getting permissions as a service.

For more useful guides, visit our blog.

You can check out our own template on GitHub.

Oded Ben David

First Developer @ Permit.io; building your next permissions solution

decorative background