Auth0
Auth0 handles user authentication. When a user signs in, Auth0 issues a JWT access token which the app passes to auth-svc to register and identify the user.
A.1 Dashboard setup
Create your Auth0 account, application, API, and optional SSO/passkey connections by following the Auth0 setup guide in the auth-svc docs. That guide covers everything you need to configure in the Auth0 dashboard.
Once done, come back here with your Domain, Client ID, and Audience values.
Optional: Enable Google SSO
- Go to Authentication → Social → Create Connection → Google / Gmail.
- Provide your Google OAuth web client credentials (from Google setup).
- Enable the connection for your Native application.
Optional: Enable Passkey
- Go to Authentication → Passwordless.
- Enable Passkey and follow the setup wizard.
A.2 Configure callback URLs
Under your application's Settings, add the following to Allowed Callback URLs and Allowed Logout URLs:
# iOS
{YOUR_BUNDLE_ID}.auth0://{YOUR_AUTH0_DOMAIN}/ios/{YOUR_BUNDLE_ID}/callback
# Android
{YOUR_PACKAGE_NAME}.auth0://{YOUR_AUTH0_DOMAIN}/android/{YOUR_PACKAGE_NAME}/callback
Replace {YOUR_BUNDLE_ID} and {YOUR_PACKAGE_NAME} with the values from your app.config.ts.
A.3 Add values to .env
EXPO_PUBLIC_AUTH0_DOMAIN=your-tenant.auth0.com
EXPO_PUBLIC_AUTH0_CLIENT_ID=your_client_id
EXPO_PUBLIC_AUTH0_AUDIENCE=silent-shard-boilerplate
The EXPO_PUBLIC_AUTH0_AUDIENCE value must exactly match the Identifier configured in your Auth0 API. A mismatch causes token verification to fail on the backend.
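To diagnose the audience mismatch described above, the following added example (not code from this project or from Auth0) compares a token's `aud` claim against the configured value and flags near-misses such as a case difference or a trailing slash. The helper names and the sample token are constructed for illustration. The token is decoded without signature verification, so this is a debugging aid only.

```javascript
// Added example. Helper names are hypothetical; the sample token is constructed.

// Decode the payload of a compact JWT WITHOUT verifying it. Debugging aid only:
// the backend must still verify signature, issuer and expiry.
function decodeClaims(jwt) {
  const parts = jwt.split(".");
  if (parts.length !== 3) throw new Error("expected header.payload.signature");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
}

// Loose form used only to spot near-misses; never used to accept a token.
const loosen = (s) => String(s).trim().replace(/\/+$/, "").toLowerCase();

// `aud` may be a single string or an array of strings (RFC 7519, section 4.1.3).
// Only an exact, case-sensitive match counts as valid.
function checkAudience(jwt, expected) {
  const { aud } = decodeClaims(jwt);
  const list = aud === undefined ? [] : Array.isArray(aud) ? aud : [aud];
  if (list.includes(expected)) return { ok: true, reason: "exact match" };
  const near = list.find((a) => loosen(a) === loosen(expected));
  if (near !== undefined) {
    return { ok: false, reason: `near miss: token has "${near}", config has "${expected}"` };
  }
  return { ok: false, reason: `no match: token aud is ${JSON.stringify(list)}` };
}

// Build a constructed sample token with a placeholder signature segment.
function makeSampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "RS256", typ: "JWT" })}.${enc(claims)}.placeholder`;
}

// Constructed claims using the placeholder values from A.3.
const sample = makeSampleToken({
  iss: "https://your-tenant.auth0.com/",
  aud: ["silent-shard-boilerplate", "https://your-tenant.auth0.com/userinfo"],
});

console.log(checkAudience(sample, "silent-shard-boilerplate"));
console.log(checkAudience(sample, "Silent-Shard-Boilerplate/"));
```

Run it with Node.js and substitute a real access token and your `EXPO_PUBLIC_AUTH0_AUDIENCE` value to see which side of the configuration differs.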