Add Login to Your JavaScript Application

Use AI to integrate Auth0

If you use an AI coding assistant like Claude Code, Cursor, or GitHub Copilot, you can add Auth0 authentication automatically in minutes using agent skills.Install:

npx skills add auth0/agent-skills --skill auth0-quickstart --skill auth0-vanilla-js

Then ask your AI assistant:

Add Auth0 authentication to my vanilla JavaScript app

Your AI assistant will automatically create your Auth0 application, fetch credentials, install @auth0/auth0-spa-js, create authentication logic, and set up your configuration. Full agent skills documentation →

Prerequisites: Before you begin, ensure you have the following installed:

Node.js 20 LTS or newer
npm 10+ or yarn 1.22+ or pnpm 8+
jq - Required for Auth0 CLI setup

Build Tool: This quickstart uses Vite for development. You can also use the SDK via CDN for a build-tool-free setup.

Get Started

This quickstart shows how to add Auth0 authentication to a vanilla JavaScript application. You’ll create a modern single-page app with secure login functionality using plain JavaScript and the Auth0 SPA SDK.

Create a new project

Create a new JavaScript project for this Quickstart

mkdir auth0-vanillajs && cd auth0-vanillajs

Initialize the project, install a local development server, and configure scripts

npm init -y && npm install --save-dev vite && npm pkg set scripts.dev="vite" scripts.build="vite build" scripts.preview="vite preview" type="module"

Create the basic project structure

touch index.html app.js style.css

Install the Auth0 SPA JS SDK

npm install @auth0/auth0-spa-js

Setup your Auth0 App

Next up, you need to create a new app on your Auth0 tenant and add the environment variables to your project.You have three options to set up your Auth0 app: use the Quick Setup tool (recommended), run a CLI command, or configure manually via the Dashboard:

Quick Setup (recommended)
CLI
Dashboard

Create an Auth0 App and copy the pre-filled .env file with the right configuration values.

Run the following shell command on your project’s root directory to create an Auth0 app and generate a .env.local file:

Before you start, create a .env.local file on your project’s root directory

.env.local

VITE_AUTH0_DOMAIN=YOUR_AUTH0_APP_DOMAIN
VITE_AUTH0_CLIENT_ID=YOUR_AUTH0_APP_CLIENT_ID

Head to the Auth0 Dashboard
Click on Applications > Applications > Create Application
In the popup, enter a name for your app, select Single Page Web Application as the app type and click Create
Switch to the Settings tab on the Application Details page
Replace YOUR_AUTH0_APP_DOMAIN and YOUR_AUTH0_APP_CLIENT_ID on the .env.local file with the Domain and Client ID values from the dashboard

Finally, on the Settings tab of your Application Details page, configure the following URLs:Allowed Callback URLs:

http://localhost:5173

Allowed Logout URLs:

http://localhost:5173

Allowed Web Origins:

http://localhost:5173

Allowed Callback URLs are a critical security measure to ensure users are safely returned to your application after authentication. Without a matching URL, the login process will fail, and users will be blocked by an Auth0 error page instead of accessing your app.Allowed Logout URLs are essential for providing a seamless user experience upon signing out. Without a matching URL, users will not be redirected back to your application after logout and will instead be left on a generic Auth0 page.Allowed Web Origins is critical for silent authentication. Without it, users will be logged out when they refresh the page or return to your app later.

Create the HTML structure and application logic

Create the application files:

Run your app

npm run dev

CheckpointYou should now have a fully functional Auth0 login page running on your localhost

Advanced Usage

Get an Access Token for API Calls

If you need to call a protected API, you can get an access token:

// Add this to your app.js
async function getAccessToken() {
  try {
    const token = await auth0Client.getTokenSilently({
      authorizationParams: {
        audience: 'YOUR_API_IDENTIFIER',
        scope: 'read:messages'
      }
    });
    
    // Use the token to call your API
    const response = await fetch('/api/protected', {
      headers: {
        Authorization: `Bearer ${token}`
      }
    });
    
    const data = await response.json();
    console.log(data);
  } catch (error) {
    console.error('Error getting token:', error);
  }
}

Handle Login with Popup

For a smoother user experience, you can use popup-based login:

// Replace the login function in app.js
async function login() {
  try {
    await auth0Client.loginWithPopup();
    await updateUI();
  } catch (err) {
    if (err.error !== 'popup_closed_by_user') {
      showError(err.message);
    }
  }
}

Add Organization Support

If you’re using Auth0 Organizations:

// Update your Auth0 client configuration
auth0Client = await createAuth0Client({
  domain: import.meta.env.VITE_AUTH0_DOMAIN,
  clientId: import.meta.env.VITE_AUTH0_CLIENT_ID,
  authorizationParams: {
    redirect_uri: window.location.origin,
    organization: 'YOUR_ORGANIZATION_ID' // or prompt user to select
  }
});

Single Page App

Regular Web App

Native/Mobile App

Backend/API

Add Login to Your JavaScript Application

Get Started

Advanced Usage

Single Page App

Regular Web App

Native/Mobile App

Backend/API

​Get Started

​Advanced Usage

Get Started

Advanced Usage