Skip to main content

Use AI to integrate Auth0

If you use an AI coding assistant like Claude Code, Cursor, or GitHub Copilot, you can add Auth0 authentication automatically in minutes using agent skills.Install:
Then ask your AI assistant:
Your AI assistant will automatically create your Auth0 application, fetch credentials, install @auth0/auth0-fastify, configure the plugin, and create all necessary routes and views. Full agent skills documentation →
Prerequisites: Before you begin, ensure you have the following installed:Verify installation: node --version && npm --versionFastify Version Compatibility: This quickstart works with Fastify 5.x and newer.

Get Started

This quickstart demonstrates how to add Auth0 authentication to a Fastify application. You’ll build a secure web app with login, logout, and user profile features using the Auth0 Fastify SDK.
1

Create a new project

Create a new directory for your Fastify application and initialize a Node.js project.
Initialize the project
Create the project structure
2

Install the Auth0 Fastify SDK

Install the required dependencies
We’re using @fastify/view with ejs for server-side rendering. You can use any template engine supported by Fastify.
Update your package.json to add start scripts:
package.json
3

Setup your Auth0 App

Next, you need to create a new application on your Auth0 tenant and add the environment variables to your project.You have three options to set up your Auth0 app: use the Quick Setup tool (recommended), run a CLI command, or configure manually via the Dashboard:
Verify your .env file exists: cat .env (Mac/Linux) or type .env (Windows)
4

Configure the Auth0 plugin

Create your Fastify server and register the Auth0 plugin:
server.js
What this does:
  • Registers the view engine for rendering HTML templates
  • Configures the Auth0 plugin with your credentials
  • Automatically creates routes at /auth/login, /auth/logout, and /auth/callback
  • Handles session management with encrypted cookies
5

Create view templates

Create a views directory and add template files:
Mac/Linux
Windows
Create the home page template:
views/home.ejs
Create the profile page template:
views/profile.ejs
6

Create routes

Add routes to your server.js file:
server.js
Key points:
  • The home route checks authentication status and passes it to the template
  • The profile route uses a preHandler to protect the route
  • getSession() returns the user’s session or null if not authenticated
  • getUser() returns the authenticated user’s profile information
7

Run your app

Start the development server:
Open your browser to http://localhost:3000.
The --watch flag in Node.js 20+ automatically restarts the server when files change.
CheckpointYou should now have a fully functional Auth0 login page. When you:
  1. Click “Login” - you’re redirected to Auth0’s Universal Login page
  2. Complete authentication - you’re redirected back to your app
  3. Visit “/profile” - you see your user information
  4. Click “Logout” - you’re logged out of both your app and Auth0

Advanced Usage

To call external APIs that require an access token, configure the SDK with an audience:
server.js
Add to your .env file:
.env
Then retrieve and use the access token:
server.js
By default, Auth0 routes are mounted at /auth/*. You can disable auto-mounting and create custom routes:
server.js
Remember to update your Allowed Callback URLs in the Auth0 Dashboard to include your custom callback URL.
Enable users to link multiple authentication providers to a single account:
server.js
This automatically creates the following routes:
  • /auth/connect - Link a new provider
  • /auth/connect/callback - Handle the linking callback
  • /auth/unconnect - Unlink a provider
  • /auth/unconnect/callback - Handle the unlinking callback
Add linking buttons to your profile page:
views/profile.ejs
Convert your project to TypeScript for better type safety:
Create a tsconfig.json:
tsconfig.json
Rename server.js to server.ts and add types:
server.ts
Update package.json:
package.json

Troubleshooting

”Invalid state” error after login

Problem: State mismatch between the authentication request and callback.Solutions:
  1. Ensure cookies are being set correctly (not blocked by browser)
  2. Verify callback URL matches exactly in Auth0 Dashboard (including /auth/callback)
  3. Check that SESSION_SECRET is set and at least 64 characters long

”session is undefined” error

Problem: Unable to retrieve session data.Solution: Ensure the Auth0 plugin is registered before accessing session methods:

Callback URL mismatch

Problem: “Callback URL mismatch” error from Auth0.Solution:
  1. Go to your Auth0 Dashboard → Applications → Your App → Settings
  2. Add http://localhost:3000/auth/callback to Allowed Callback URLs
  3. The URL must match exactly (including the /auth/callback path)

Environment variables not loading

Problem: Configuration values are undefined.Solution:
  1. Ensure import 'dotenv/config' is at the top of your entry file
  2. Verify .env file is in the root directory
  3. Check for typos in variable names

Next Steps

Now that you have authentication working, consider exploring:

Resources