PHPackages maxime-rainville/silverstripe-auth0 - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. maxime-rainville/silverstripe-auth0 ActiveSilverstripe-vendormodule[Authentication & Authorization](/categories/authentication) maxime-rainville/silverstripe-auth0 =================================== Auth0 authorizer for SilverStipe 4. 0293[7 issues](https://github.com/maxime-rainville/silverstripe-auth0/issues)[1 PRs](https://github.com/maxime-rainville/silverstripe-auth0/pulls)PHPCI failing Since Sep 18Pushed 6y ago2 watchersCompare [ Source](https://github.com/maxime-rainville/silverstripe-auth0)[ Packagist](https://packagist.org/packages/maxime-rainville/silverstripe-auth0)[ RSS](/packages/maxime-rainville-silverstripe-auth0/feed)WikiDiscussions master Synced today READMEChangelogDependenciesVersions (2)Used By (0) Auth0/Silverstripe Integration ============================== [](#auth0silverstripe-integration) This module provides a mean to authenticate your SilverStripe user against Auth0. What's Auth0? ------------- [](#whats-auth0) [Auth0](https://auth0.com/) is an Identity Service provider. It allows you to easily set up things like Single Sign On and Social Login. Why use Auth0 with SilverStripe? -------------------------------- [](#why-use-auth0-with-silverstripe) Let's say you want to quickly allow your users to register/login with Facebook or Google. With this module you can do this minutes. Let's say you have dozens of websites you manage. With this module you can manage permissions for all your sites in Auth0 and have a single source of truth. Requirements ------------ [](#requirements) - silverstripe/framework: ^4.0 - auth0/auth0-php: ^5.1 Installation and basic set up ----------------------------- [](#installation-and-basic-set-up) The exact set up to get the module working can very quite a bit depending on what your use case. However, the following steps will be starting point for all use case. ### Prerequisite [](#prerequisite) You'll need a functional SilverStripe site and an active administrator account with a valid email address. In this set up, Auth0 completely takes over user identification. So if you don't have a pre-existing administrator account, you won't be able to log into your CMS afterwards. If you disable this module, your original credentials will still work however. ### Installing [](#installing) ``` composer require maximerainville/silverstripe-auth0 ``` ### Setting up an Auth0 account and application [](#setting-up-an-auth0-account-and-application) Follow the steps in the [SSO for Regular Web Apps: Auth0 Configuration](https://auth0.com/docs/architecture-scenarios/application/web-app-sso/part-2)tutorial. Make sure you configure at least one connection type (e.g.: Facebook, Google, etc.) When asked to provide a callback URL, enter `http://example.com/Security/login/callback`, replacing `http://example.com/` with your SilverStripe web root URL. Include all domains and protocol variations that will be using this Auth0 account for authentication. On your Auth0 application settings page, you will be provided: - a Auth0 domain ; - a client id ; - a client secret. You'll need those in the next step. ### Configure your SilverStripe website [](#configure-your-silverstripe-website) Add the following keys to your SilverStripe `.env` file and enter the values from the previous step: - AUTH0\_DOMAIN ; - AUTH0\_CLIENT\_ID ; - AUTH0\_CLIENT\_SECRET. Run a `dev/build` of your site and you should be all set up. ### Trying it out [](#trying-it-out) If you try to access any page that requires authentication, rather than be redirected to the SilverStripe login screen, you will be redirected to your Auth0 authentication screen. On their first login, user will be ask to grant your Auth0 application access to their account if they are using a social media provider. Once users have agreed, they will be redirected to your site. If they have a pre-existing account on your website (based on their email address), they will be logged in. If the user doesn't have a pre-existing account, the default behavior is to deny access. If you want to grant access to additional user, you just need to create Members in the CMS like you normally would and as long as their email matches the identity they provide to Auth0, they will be allowed in. Note that the permissions for each user are still completely managed by SilverStripe in this set up. Auth0 is only acting as an identity provider. Alternative set up ------------------ [](#alternative-set-up) The basic example is meant to be simple so you can build on top of it. To module is designed to be flexible so you can easily personalise its behavior to your needs. Here are a few sample use case and instruction on how to implement them. They are ordered in increasing level of complexity. 1. Allow registration for anyone. 2. Allow registration if certain criteria are met. 3. Basic Authorisation provider via Auth0 rule. 4. Advanced authorisation provider via the [Auth0 Authorization Extension](https://auth0.com/docs/extensions/authorization-extension/v2) ### Health Score 22 — LowBetter than 22% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity9 Limited adoption so far Community10 Small or concentrated contributor base Maturity42 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://avatars.githubusercontent.com/u/1168676?v=4)[Maxime Rainville](/maintainers/maxime-rainville)[@maxime-rainville](https://github.com/maxime-rainville) --- Top Contributors [![maxime-rainville](https://avatars.githubusercontent.com/u/1168676?v=4)](https://github.com/maxime-rainville "maxime-rainville (1 commits)") ### Embed Badge ![Health badge](/badges/maxime-rainville-silverstripe-auth0/health.svg) ``` [![Health](https://phpackages.com/badges/maxime-rainville-silverstripe-auth0/health.svg)](https://phpackages.com/packages/maxime-rainville-silverstripe-auth0) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)