API ReferenceGuides

Setup Auth0

Suggest Edits

Auth0 has some excellent guides. You should start here to learn more about what Auth0 is, and the standards it supports. Open Authorization (OAuth) 2 and JSON Web Tokens (JWTs) are standards also used by Unloc.

How to make Auth0 work with Unloc

  1. Begin by creating an Auth0 account here. A good tenant name would be the same as your Integrator name.
  2. Add the Unloc API under Applications -> APIs. Both api.unloc.app and api.unloc.sandbox.app can be used as identifier, depending on which environment you want the user to have access to. Only RS256 is supported.
248 631
  1. Enable RBAC and permissions on access tokens on the newly created APIs settings (Unloc API)
945
  1. Add permissions to the Unloc API. These are the same permissions for Lock Holders as exemplified here.
1064

Optional: For easier management over permissions, you can group permissions into role(s) as explained here.

  1. Add user(s) through the User Management
247
  1. Add permissions for your users
1059

  1. Add the signing key URL from Auth0 to your Integrator through our endpoint [PUT ENDPOINT LINK HERE]. Your Auth0 signing key URL is: https://[tenant_name].auth0.com/.well-known/jwks.json - just replace [tenant_name] with the tenant name you chose in step 1.

  2. You are now ready to retrieve user tokens. Read more about the different way of retrieving these here.

Updated almost 2 years ago