wt create webtask.js --auth0
When browsing the webtask URL, the user will get a page with Lock. Once logged in, the result of the webtask will be shown.
The webtask will now have an "authenticated context" accesible through
Implementation note: use Lock popup mode and once you get the JWT, call the webtask from AJAX. The webtask is protected with JSON Web Tokens signed with a shared secret. Identity providers available: Google, GitHub and Facebook.
You can further restrict who can access the webtask by doing:
wt create webtask.js --auth0 --emails="@company.com, email@example.com, regex.*@foo\.com"
We will check the email of the authenticated user and compare against these constraints and also check that
email_verified is true.
Finally, allow the user to connect it to its own Auth0 account:
wt create webtask.js --auth0 --clientId=... --clientSecret=... --auth0Domain=....
If you browse the webtask now, the same thing as before happens but now you can control what identity providers to use. If you are building an application, you can now use Auth0 for authentication (using auth0js, oauth/ro or whatever you want to obtain a token) and call webtask with a valid JWT.