Skip to content

Instantly share code, notes, and snippets.

Saltuk Alakus saltukalakus

View GitHub Profile
saltukalakus /
Last active May 13, 2020
Auth0 SAML Login-Logout matrix

Auth0 as IdP

IdP initiated login:

IdP initiated logout:

How is it initiated?

Once initiated, sends the logout request to the callback URL configured at SAML addon callback setting.

saltukalakus / rule.js
Last active May 14, 2020
DUO replace username
View rule.js
function (user, context, callback) {
// run only for the specified clients
if (CLIENTS_WITH_MFA.indexOf(context.clientID) !== -1) {
// uncomment the following if clause in case you want to request a second factor only from user's that have user_metadata.use_mfa === true
// if (user.user_metadata && user.user_metadata.use_mfa){
context.multifactor = {
saltukalakus /
Last active May 12, 2020
Signing in from the enterprise and social connections with metadata available starting from the first login (a.k.a signup)


  • We have an app that the users can log in only with a few selected social and the enterprise connections. These users should have a specific app_metadata and user_metadata starting from the first login.


1-) Creaate a regular Auth0 DB connection with signup option turned off. Let's assume it's named as Auth0DBInitialMetadata.

2-) Set a rule which prevents login in with the Auth0 DB connection above. So that this connection isn't used for login directly unintentionally.

saltukalakus / Login.js
Created Apr 9, 2020
Azure MySQL Login.js
View Login.js
function login(email, password, callback) {
const mysql = require('mysql@2.18.1');
const bcrypt = require('bcrypt');
const azureCa = "-----BEGIN CERTIFICATE-----\nMIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9aMQswCQYDVQQGEwJJ\n....\nR9I4LtD+gdwyah617jzV/OeELqYzmp\n-----END CERTIFICATE-----\n";
const connection = mysql.createConnection({
host: configuration.DbHost,
user: configuration.DbUser,
password: configuration.DbPassword,
database: configuration.DbName,
saltukalakus / MySPApp.json
Created Mar 27, 2020
Deploy CLI multiple callback URL update
View MySPApp.json
"allowed_clients": [],
"allowed_logout_urls": [
"allowed_origins": [
"app_type": "spa",
"callbacks": @@example-app-redirect-uri@@,
saltukalakus / GetUser.js
Last active Mar 18, 2020
Custom DB Wordpress Migration Script
View GetUser.js
/* globals require, configuration */
* This script will be executed when the user wishes to change their password to test if the user exists.
* This needs a global configuration option with the following properties:
* {string} endpointUrl - Site URL with an empty "a0_action" parameter appended.
* {string} migrationToken - Migration token found in the plugin settings
* {string} userNamespace - Formatted site name to avoid user ID overlapping.
* @param {string} email - User email address, provided on login.
saltukalakus / saml_metadata_modified_with_connection.xml
Last active Feb 12, 2020
Saml metadata modified with the connection name where Auth0 is the IdP
View saml_metadata_modified_with_connection.xml
<EntityDescriptor entityID="" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="signing">
<KeyInfo xmlns="">
saltukalakus / hostedPasswordlessPage.html
Created Dec 5, 2019
Print the phone number on console before submit
View hostedPasswordlessPage.html
<!DOCTYPE html>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>Sign In with Auth0</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
saltukalakus / gist:08efe814847f9a049ce4d07140817c78
Created Dec 3, 2019
Encrypt & Decrypt with existing keys
View gist:08efe814847f9a049ce4d07140817c78
const crypto = require("crypto");
let publicKey = `-----BEGIN PUBLIC KEY-----
saltukalakus / test.js
Created Dec 3, 2019
Encrypt & Decrypt with Node's crypto lib.
View test.js
const crypto = require("crypto");
modulusLength: 4096,
publicKeyEncoding: {
type: "spki",
format: "pem"
You can’t perform that action at this time.