Connected Accounts, quickstart doc updates #271
Conversation
priley86
changed the title
priley86
changed the base branch from
main
to
feat/connected_accounts_doc_updates
pmalouin
left a comment
pmalouin
left a comment
There was a problem hiding this comment.
awesome! couple of minor things and some ideas
|
|
||
| steps.push( | ||
| <Step key="my-account-api" title="Configure My Account API"> | ||
| In the Auth0 Dashboard, configure the <a href="https://auth0.com/docs/manage-users/my-account-api" target="_blank">My Account API</a> to enable <a href="/intro/account-linking">account linking</a>: |
There was a problem hiding this comment.
Should we remove language about "account linking" here? We are actually describing the steps to Authorize access from your application to the My Account API (it's an application access policy configuration, not specifically related to account linking or even connected accounts)
There was a problem hiding this comment.
we could simply omit this bit? I do consider this section a prerequisite but do not have strong preference at all.
e.g.:
In the Auth0 Dashboard, configure the <a href="https://auth0.com/docs/manage-users/my-account-api" target="_blank">My Account API</a>:
Not sure if you have something more specific in mind though!
There was a problem hiding this comment.
asked the same question to @lrzhou25 here: https://github.com/auth0/docs-v2/pull/156/files#r2525585754
I'm in favor of removing, but would like her to weigh in to be sure.
There was a problem hiding this comment.
yes let's remove it. when i originally made the update, i was still under the impression from this ticket that connected accounts would replace the account linking flow, but it seems like it does not?
| <Step key="my-account-api" title="Configure My Account API"> | ||
| In the Auth0 Dashboard, configure the <a href="https://auth0.com/docs/manage-users/my-account-api" target="_blank">My Account API</a> to enable <a href="/intro/account-linking">account linking</a>: | ||
| <ul> | ||
| <li>Navigate to <strong>Authentication > APIs</strong>, locate the My Account API banner, and select <strong>Activate</strong> to activate the My Account API.</li> |
There was a problem hiding this comment.
it is called "Auth0 My Account API" in the dashboard. I think it might be preferable to use the exact name?
| <ul> | ||
| <li>Navigate to <strong>Applications > Applications</strong> and select your client application.</li> | ||
| <li>Under <strong>APIs</strong>, toggle on <strong>Auth0 My Account API</strong>.</li> | ||
| <li>Select the <a href="https://auth0.com/docs/manage-users/my-account-api#scope" target="_blank">Connected Accounts scopes</a> for the application in the dropdown.</li> |
There was a problem hiding this comment.
Perhaps we should indicate that the create:me:connected_accounts scope is the only required scope here (so the user knows to at least enable that one)
auth4genai/snippets/get-started/vercel-ai-next-js/call-others-api.mdx
Outdated
Show resolved
Hide resolved
auth4genai/snippets/get-started/langchain-next-js/call-others-api.mdx
Outdated
Show resolved
Hide resolved
auth4genai/snippets/get-started/vercel-ai-next-js/call-others-api.mdx
Outdated
Show resolved
Hide resolved
auth4genai/snippets/get-started/vercel-ai-react-spa-js/call-others-api.mdx
Outdated
Show resolved
Hide resolved
auth4genai/snippets/get-started/vercel-ai-react-spa-js/call-others-api.mdx
Show resolved
Hide resolved
| <li> | ||
| Navigate to{" "} | ||
| <strong> | ||
| Applications > APIs | ||
| </strong> | ||
| </li> | ||
| <li> | ||
| Click the{" "} | ||
| <strong>Create API</strong> button to create a new Custom API. | ||
| </li> | ||
| <li> | ||
| Go to the Custom API you created and click the <strong>Add Application</strong> button in the right top corner. |
There was a problem hiding this comment.
in this section, we should not tell the reader to create another API, rather to use the one that was just created already above. I think we should remove everything above here and reword this to:
<li>
From the Settings page of the Custom API that you just created, click the <strong>Add Application</strong> button in the right top corner.
There was a problem hiding this comment.
thank you! this was the reference i was looking for.. will update 👍
There was a problem hiding this comment.
updated after reviewing that flow here in my Dashboard:
76c7851
Co-authored-by: Patrick Malouin <patrick.malouin@okta.com>
pmalouin
left a comment
pmalouin
left a comment
There was a problem hiding this comment.
just one last editorial suggestion, but waiting on Lucy's feedback. Approving from my side in the mean time ✅
| To get your Auth0 application's `AUTH0_DOMAIN`, `AUTH0_CLIENT_ID`, and `AUTH0_CLIENT_SECRET`, navigate to <strong>Applications > Applications </strong> in the Auth0 Dashboard and select your Regular Web application. You'll find these values in the **Basic Information** section at the top. | ||
| Copy each value to the matching setting. | ||
|
|
||
| To get your API's `AUTH0_AUDIENCE`, navigate to <strong>APIs > APIs </strong> in the Auth0 Dashboard and select your API. You'll find the identifier in the **General Settings** section at the top. |
There was a problem hiding this comment.
| To get your API's `AUTH0_AUDIENCE`, navigate to <strong>APIs > APIs </strong> in the Auth0 Dashboard and select your API. You'll find the identifier in the **General Settings** section at the top. | |
| To get your API's `AUTH0_AUDIENCE`, navigate to <strong>Applications > APIs </strong> in the Auth0 Dashboard and select your API. You'll find the identifier in the **General Settings** section at the top. |
| Copy each value to the matching setting. | ||
|
|
||
| To get your Auth0 application's `AUTH0_DOMAIN`, `AUTH0_CLIENT_ID`, and `AUTH0_CLIENT_SECRET`, navigate to the **Settings** tab in the Auth0 Dashboard. You'll find these values in the **Basic Information** section at the top. | ||
| To get your API's `AUTH0_AUDIENCE`, navigate to <strong>APIs > APIs </strong> in the Auth0 Dashboard and select your API. You'll find the identifier in the **General Settings** section at the top. |
There was a problem hiding this comment.
| To get your API's `AUTH0_AUDIENCE`, navigate to <strong>APIs > APIs </strong> in the Auth0 Dashboard and select your API. You'll find the identifier in the **General Settings** section at the top. | |
| To get your API's `AUTH0_AUDIENCE`, navigate to <strong>Applications > APIs </strong> in the Auth0 Dashboard and select your API. You'll find the identifier in the **General Settings** section at the top. |
|
|
||
| steps.push( | ||
| <Step key="my-account-api" title="Configure My Account API"> | ||
| In the Auth0 Dashboard, configure the <a href="https://auth0.com/docs/manage-users/my-account-api" target="_blank">My Account API</a> to enable <a href="/intro/account-linking">account linking</a>: |
There was a problem hiding this comment.
yes let's remove it. when i originally made the update, i was still under the impression from this ticket that connected accounts would replace the account linking flow, but it seems like it does not?
| <li>Navigate to <strong>Applications > Applications</strong> and select your client application.</li> | ||
| <li>Under <strong>APIs</strong>, toggle on <strong>Auth0 My Account API</strong>.</li> | ||
| <li>Select the <a href="https://auth0.com/docs/manage-users/my-account-api#scope" target="_blank">Connected Accounts scopes</a> for the application in the dropdown.</li> | ||
| <li>Select the <a href="https://auth0.com/docs/manage-users/my-account-api#scope" target="_blank">Connected Accounts scopes</a> for the application in the dropdown, ensuring that the <code>create:me:connected_accounts</code> permission at least is selected.</li> |
There was a problem hiding this comment.
| <li>Select the <a href="https://auth0.com/docs/manage-users/my-account-api#scope" target="_blank">Connected Accounts scopes</a> for the application in the dropdown, ensuring that the <code>create:me:connected_accounts</code> permission at least is selected.</li> | |
| <li>Select the <a href="https://auth0.com/docs/manage-users/my-account-api#scope" target="_blank">Connected Accounts scopes</a> for the application in the dropdown, ensuring that at least the <code>create:me:connected_accounts</code> permission is selected.</li> |
| <ul> | ||
| <li>Navigate to <strong>Applications > Applications</strong> and select your client application.</li> | ||
| <li>On the <strong>Settings</strong> tab, scroll down to the <strong>Multi-Resource Refresh Token</strong> section.</li> | ||
| <li>Select <strong>Edit Configuration</strong> and then enable the MRRT toggle for the <strong>Auth0 My Account API</strong>.</li> |
There was a problem hiding this comment.
i think you also need to enable Allow Skipping User Consent for the My Account API in order for MRRT to work. i remember running into this error and someone else reporting this recently
i put that step under the My Account API config to reduce UX friction (the user having to go back and forth between My Account API config and then the application config for MRRT: https://docs.google.com/document/d/1OQ5nnWGvBtLAnk6QIsxicuCd2WA1OUbxsMSvyrk-gA8/edit?tab=t.0#heading=h.cisneua0vv4x
| To get your SPA application's `VITE_AUTH0_DOMAIN`, and `VITE_AUTH0_CLIENT_ID`, navigate to <strong>Applications > Applications </strong> in the Auth0 Dashboard and select your SPA application. You'll find these values in the **Basic Information** section at the top. | ||
| Copy each value to the matching setting. | ||
|
|
||
| To get your API's `AUTH0_AUDIENCE`, navigate to <strong>APIs > APIs </strong> in the Auth0 Dashboard and select your API. You'll find the identifier in the **General Settings** section at the top. |
There was a problem hiding this comment.
| To get your API's `AUTH0_AUDIENCE`, navigate to <strong>APIs > APIs </strong> in the Auth0 Dashboard and select your API. You'll find the identifier in the **General Settings** section at the top. | |
| To get your API's `AUTH0_AUDIENCE`, navigate to <strong>Applications > APIs </strong> in the Auth0 Dashboard and select your API. You'll find the identifier in the **General Settings** section at the top. |
| To get your SPA application's `VITE_AUTH0_DOMAIN`, and `VITE_AUTH0_CLIENT_ID`, navigate to <strong>Applications > Applications </strong> in the Auth0 Dashboard and select your SPA application. You'll find these values in the **Basic Information** section at the top. | ||
| Copy each value to the matching setting. | ||
|
|
||
| To get your API's `AUTH0_AUDIENCE`, navigate to <strong>APIs > APIs </strong> in the Auth0 Dashboard and select your API. You'll find the identifier in the **General Settings** section at the top. |
There was a problem hiding this comment.
| To get your API's `AUTH0_AUDIENCE`, navigate to <strong>APIs > APIs </strong> in the Auth0 Dashboard and select your API. You'll find the identifier in the **General Settings** section at the top. | |
| To get your API's `AUTH0_AUDIENCE`, navigate to <strong>Applications > APIs </strong> in the Auth0 Dashboard and select your API. You'll find the identifier in the **General Settings** section at the top. |
|
|
||
| // Use Auth0 SPA SDK to request additional connection/scopes | ||
| const startFederatedLogin = useCallback(async () => { | ||
| // Use Auth0 SPA SDK to connect a third-party account |
There was a problem hiding this comment.
| // Use Auth0 SPA SDK to connect a third-party account | |
| // Use Auth0 SPA SDK to connect an external account |
| connection_scope: validScopes.join(" "), // Google-specific scopes | ||
| access_type: "offline", | ||
| }, | ||
| // Use the connect account flow to request authorization+consent for the 3rd party API. |
There was a problem hiding this comment.
| // Use the connect account flow to request authorization+consent for the 3rd party API. | |
| // Use the connect account flow to request authorization+consent for the externalAPI. |
| OPENAI_API_KEY="YOUR_API_KEY" | ||
| ``` | ||
|
|
||
| ### Set up Token Vault for Google social connection |
There was a problem hiding this comment.
i wonder if we should add a note here about how the user needs to select offline_access in the Auth0 Dashboard specifically for a Google social connection
| export const withGoogleConnection = auth0AI.withTokenVault({ | ||
| connection: "google-oauth2", | ||
| scopes: ["https://www.googleapis.com/auth/calendar.events"], | ||
| scopes: ["openid", "https://www.googleapis.com/auth/calendar.events"], |
There was a problem hiding this comment.
Description
Extends #156 with quickstart updates for the Connected Accounts features being added to Auth0 AI SDKs.
related quickstart pr's currently being prepared:
auth0/auth0-ai-js#291
auth0-samples/auth0-ai-samples#43
auth0-samples/auth0-assistant0#18
auth0/auth0-ai-js#291
References
https://auth0team.atlassian.net/browse/AIDX-240
Testing
Checklist