auth0-spa-js

Auth0 authentication for Single Page Applications (SPA) with PKCE (by auth0)

Auth0-spa-js Alternatives

Similar projects and alternatives to auth0-spa-js

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better auth0-spa-js alternative or higher similarity.

auth0-spa-js reviews and mentions

Posts with mentions or reviews of auth0-spa-js. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-10-11.
  • Tell HN: Stytch Login SaaS Unicorn has common auth vulnerabilities
    6 projects | news.ycombinator.com | 11 Oct 2022
    Your message feels disingenuous and not in good-faith.

    Auth0 clearly advises against the localStorage option which is most similar to Stytch's:

    > _Important:_ This feature will allow the caching of data _such as ID and access tokens_ to be stored in local storage. Exercising this option changes the security characteristics of your application and _should not be used lightly._ Extra care should be taken to mitigate against XSS attacks and minimize the risk of tokens being stolen from local storage.

    This is from the readme of the github you linked:

    https://github.com/auth0/auth0-spa-js/tree/0de9c6bf61d37fc21...

    And since their other client-only solutions have major UX challenges (as you highlight), I expect most Auth0 users have landed on the secure option.

    This is very different from Stytch - which as far as I can tell - doesn't disclose or acknowledge the risk, and instead willingly puts developers at increased risk. Throughout this thread, you've been dismissive of the risk despite security organizations clearly indicating that HttpOnly is best-practice.

    You've found a legitimate comparison in Firebase, but for me, you've taken several steps too far trying to compare to Auth0.

  • Fastify DX and SolidJS in the Real World
    12 projects | dev.to | 20 Jul 2022
    Auth0 provides the auth0-spa-js package which offers two ways to authenticate users:
  • Persistent login in React using refresh token rotation
    3 projects | dev.to | 17 Sep 2021
    Therefore, I have transformed the library [@auth0/auth0-spa-js](https://github.com/auth0/auth0-spa-js), which is another official Auth0 client library, to have an authentication hook and methods that can be accessible outside the components.
  • React Testing Library with Auth0 and conditional rendering
    1 project | /r/reactjs | 23 Feb 2021
    auth0-spa-js must run on a secure origin. See https://github.com/auth0/auth0-spa-js/blob/master/FAQ.md#why-do-i-get-auth0-spa-js-must-run-on-a-secure-origin for more information. 32 | it("renders a login button", () => { 33 | > 34 | const { getByText } = render( | ^ 35 | 36 | 37 |
  • A note from our sponsor - InfluxDB
    www.influxdata.com | 18 May 2024
    Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Stats

Basic auth0-spa-js repo stats
5
880
8.5
5 days ago

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com