Skip to content

Instantly share code, notes, and snippets.


Matias Woloski woloski

View GitHub Profile
woloski / rule-map-email-to-nameid.js
Last active Jan 11, 2022
Salesforce Auth0 rule. This is the default mapping Auth0 will use for Salesforce. You can create a new Rule and change this with whatever you want.
View rule-map-email-to-nameid.js
function (user, context, callback) {
// this rule can be used if you have chosen to use Username as the way to identify a user in Salesforce. Notice that we are mapping the email to the nameidentifier.
if (context.clientName === 'Salesforce') {
context.samlConfiguration.mappings = {
'': 'email',
'User.Username': 'email',
'User.Email': 'email',
'User.FirstName': 'given_name',
woloski / preuserhook.js
Created Mar 29, 2019
Pre User Registration hook for Auth0 that block disposable emails
View preuserhook.js
const emailVerifier = require("verifier-node");
module.exports = function (user, context, cb) {
var response = {};
emailVerifier.verify(, context.webtask.secrets.VERIFIER_APIKEY)
.then(response => {
if (!response.valid()) return cb(new Error('Disposable email!'));
response.user = user;
View newsletter

Hey {user || there},

For the last few months, we've been working on many new features and improvements to the platform. We thought it was a good time to re-connect and give you a quick update about Auth0.

We have reached 1300+ subscribers to our service, and there are many companies using the private cloud/on-premises appliance daily. Thanks for your support, feedback and business!

Here are some of the things we thought you might find useful:

  1. Know who is using your apps
  2. Richer user profiles
woloski /
Last active Feb 4, 2021
Multi Tenant Apps in Auth0

Multitenancy refers to a principle in software architecture where a single instance of the software runs on a server, serving multiple client-organizations (tenants)

Let's start by enumerating some multi tenant applications and understand how they handle it.



woloski / Console Output
Created Apr 12, 2012
ADFS Audit Event Collector
View Console Output
This would be the console output
Claims for: https://myadfs/ (Correlation: 84b46102-3ed2-4ff2-88ac-eace0709667c) : myadfs : 2012-04-12T21:15:32.410Z :
enticationmethod/windows : S-1-5-21-1409732942-2814574796-20323036 : S-1-5-21-1409732942-2814574796-203230364-513 : S-1-1-0
woloski / payment.html
Last active Oct 1, 2020
Stripe Checkout + webtask
View payment.html
<button class="pay">Pay</button>
<script src="">
var handler = StripeCheckout.configure({
image: 'https://yourlogo.png',
locale: 'auto',
token: function(token) {
$('.pay').prop("disabled", true);
  1. Install the Custom Social Connections extension
  2. Click on the Slack button to install the Slack connection
  3. Enter a Slack Client ID and Secret. To get those go to: Fill the fields and pay special attention to the Redirect URI. Enter: See screenshots below.
  4. Click on App Credentials on the left and copy the Client ID and Client Secret and paste them on the Auth0 dashboard
  5. Click Save and then try the flow using the Try button. You should get back the full profile from Slack, including email, team and avatars.

Note: you can change the scopes on the Scope field on Auth0 and include any of these:

You can now use the Slack connection using any Auth0 client library. Example:

woloski /
Created May 16, 2015
top 100 packages from heroku distiled for webtask
  • bcrypt: A bcrypt library for NodeJS.
  • pg: PostgreSQL client - pure javascript & libpq with the same API
  • q: A library for promises (CommonJS/Promises/A,B,D)
  • node-uuid: Rigorous implementation of RFC4122 (v1 and v4) UUIDs.
  • optimist: Light-weight option parsing with an argv hash. No optstrings attached.
  • aws-sdk: AWS SDK for JavaScript
  • validator: String validation and sanitization
  • cheerio: Tiny, fast, and elegant implementation of core jQuery designed specifically for the server
  • knox: Amazon S3 client
  • consolidate: Template engine consolidation library
woloski /
Last active Jun 14, 2017
this shows a very simple bare bones example of authenticating with Auth0 using standard python libraries
import webapp2
import urllib2
import urllib
import json
CLIENT_ID = "vYPeq7LGf1utg2dbDlGKCwGKgy94lPH0"
CALLBACK_URL = "http://localhost:8080/callback"
woloski /
Created Oct 13, 2014
Authenticate with Google through Auth0 and refresh the access token from Browser
  1. Create a Client ID and an API Key on Google API Console. Set the Allowed Origins (e.g. localhost:3000).
  2. Create an app in Auth0 and set the Allowed Origins (e.g. localhost:3000) and the callback to