A Django-focused Auth0 integration providing automated OIDC flows, account linking, and so on.
Project description
Auth0 OAuth Client
A Django-focused Auth0 integration providing automated OIDC flows, account linking, and connected account (My Account API). It's been created to support the Auth0 Token Vault feature, which requires Connected Accounts flow.
It's an opinionated library focused on the needs of our own products. Feel free to fork it and adapt it to your needs.
Rules
The sample_app demonstrates how to use the library. It implements the following rules:
- Only required scopes are requested for social connections.
- Additional scopes are requested during the connected account request flow (progressive consent).
- When the user creates a connected account, that connected account is eligible for automatic account linking.
- Consider the following scenario:
- If a user logs in with
xpto@acme.comand addsqwerty@gmail.comas a connected account, logging in later with the Gmail address will link both, withxpto@acme.comremaining the primary account. No confirmation is required. - The same is true when the connected account matches the primary account.
- If a user logs in with
- Consider the following scenario:
- If a user signs up with an email/password, logs out, and later logs back in using a social connection with that same email, the accounts are automatically linked. The original email/password account is used as the primary account.
- If a user signs up via social, logs out, and later tries to log in with a password using the same email, they'll need to re-authenticate with the original social provider to link the accounts. The primary account is the social one.
Why did we build this?
Auth0 used to be the 'Stripe of Identity' sort of thing, known for its great developer experience. Lately, I’m not so sure. I almost gave up on it, but after finding some workarounds, I decided to build this library. I’m sharing it because seeing these issues go unaddressed hurts my software developer soul. 😬
Read the following Auth0 Community Questions for more details:
- Auth0 Fails to Store Refresh Tokens for Linked Accounts.
- I had built an integration using Token Vault, and it stopped. Understand why.
At the time of writing this README (2026-02-13), My Account API is not GA yet. It means this library might eventually break if Auth0 changes its API, again. 😐
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file auth0_oauth_client-0.2.0.tar.gz.
File metadata
- Download URL: auth0_oauth_client-0.2.0.tar.gz
- Upload date:
- Size: 15.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/2.0.0 CPython/3.14.3 Linux/6.14.0-1017-azure
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
5482e133aaeba274151efc4ff53ad6211272958da718b710212cb8cea8fb14ab
|
|
| MD5 |
9f702d027015d56b5a71995155093d96
|
|
| BLAKE2b-256 |
d080f8597719c4a2bd80ef665842bb82d7b9713e22d4a900f2f5d4054fd2301f
|
File details
Details for the file auth0_oauth_client-0.2.0-py3-none-any.whl.
File metadata
- Download URL: auth0_oauth_client-0.2.0-py3-none-any.whl
- Upload date:
- Size: 17.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/2.0.0 CPython/3.14.3 Linux/6.14.0-1017-azure
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
364043be2f17bf9fadcbbdef726cc52702c871b7b0efb5ebbe8987742d14f66b
|
|
| MD5 |
d3fbeff024b095e4087f529833f06f7b
|
|
| BLAKE2b-256 |
5e3605628dcfe74b618cad96548d40a85c234cd5ce10b9bed4c3ace6416a3fa6
|
