> ## Documentation Index
> Fetch the complete documentation index at: https://docs.authsignal.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Auth0 Native Bridge

> Learn how to use issue an Auth0 access token during authsignal flows like passkey auto-fill

In this guide we will show you how to complete authentication with Auth0 in a native mobile app, when using Authsignal's passkey implementation.

The integration requires configuring a new custom database connection, configuring your Application in Auth0, and finally implementing a back-end API to validate the Authsignal challenge and issue an Auth0 access token.

## Integration steps

### Create a new custom database connection

<Steps>
  <Step title="Navigate to the Auth0 dashboard Database Connections page">
    Click on the **Create DB Connection** button.

    <Frame caption="Create a new custom database connection.">
      <img src="https://mintcdn.com/authsignal-23/U9XmxdPe4AWAeEuC/images/docs/auth0/new-custom-database-connection.png?fit=max&auto=format&n=U9XmxdPe4AWAeEuC&q=85&s=0d4925031b3c49c412d27a5c6f038d9d" alt="Create a new custom database connection." width="2888" height="1108" data-path="images/docs/auth0/new-custom-database-connection.png" />
    </Frame>
  </Step>

  <Step title="Complete the form with the following values">
    <Frame caption="New custom database connection configuration.">
      <img src="https://mintcdn.com/authsignal-23/U9XmxdPe4AWAeEuC/images/docs/auth0/new-custom-database-connection-config.png?fit=max&auto=format&n=U9XmxdPe4AWAeEuC&q=85&s=24704340bdfec50d982410ce6e0832fb" alt="New custom database connection configuration form." width="2900" height="3188" data-path="images/docs/auth0/new-custom-database-connection-config.png" />
    </Frame>
  </Step>

  <Step title="Configure the custom database action script">
    <Frame caption="Navigate to the custom database section.">
      <img src="https://mintcdn.com/authsignal-23/U9XmxdPe4AWAeEuC/images/docs/auth0/custom-database-nav.png?fit=max&auto=format&n=U9XmxdPe4AWAeEuC&q=85&s=4f97730480515a1411510457a4802b4f" alt="Navigate to the custom database section." width="2346" height="604" data-path="images/docs/auth0/custom-database-nav.png" />
    </Frame>

    Scroll down to **Database Action Scripts**, copy and paste the following database action script for "Login"

    ```javascript theme={null}
    function login(identifierValue, password, context, callback) {
      const request = require("request");

      // Ensure that the Authsignal API host name is pointing to the correct region
      // For example, if you're using the US region, the host name should be https://us.connect.authsignal.com
      // If you're using the EU region, the host name should be https://eu.connect.authsignal.com
      request.post(
        {
          url: "https://us.connect.authsignal.com/get-user",
          auth: {
            user: configuration.AUTHSIGNAL_SECRET,
            sendImmedaiately: true,
          },
          json: {
            token: password,
          },
        },
        function (err, response, body) {
          if (err) return callback(err);
          if (response.statusCode >= 400) return callback();
          const user = body;

          if (user.userId) {
            const profile = {
              email: user.email,
              email_verified: true,
              user_id: user.userId.split("|")[1],
            };

            return callback(null, profile);
          }
        }
      );
    }
    ```

    Scroll down to the **Database Settings** section and add your Authsignal Server API secret key to database settings.

    <Frame caption="Add your Authsignal Server API secret key to database settings.">
      <img src="https://mintcdn.com/authsignal-23/U9XmxdPe4AWAeEuC/images/docs/auth0/database-settings.png?fit=max&auto=format&n=U9XmxdPe4AWAeEuC&q=85&s=3c4df60a3a7eb7db55b578d3c18e4c54" alt="Add your Authsignal Server API secret key to database settings." width="2046" height="744" data-path="images/docs/auth0/database-settings.png" />
    </Frame>
  </Step>
</Steps>

That's it, we've created a new custom database connection, which will allow us to use Authsignal as an external authentication source.

### Configure your Auth0 Application

<Warning>
  In this guide we are using the "Default App" as an example, in order for your integration work
  ensure that the application you're using is created as a **Regular Web Application**.
</Warning>

<Frame caption="Create a regular web application">
  <img src="https://mintcdn.com/authsignal-23/U9XmxdPe4AWAeEuC/images/docs/auth0/create-application.png?fit=max&auto=format&n=U9XmxdPe4AWAeEuC&q=85&s=07f97ec4dc26326e4cdb887bf6826115" alt="Create a regular web application." width="1608" height="1452" data-path="images/docs/auth0/create-application.png" />
</Frame>

<Steps>
  <Step title="Navigate to the Auth0 Application section">
    Navigate to the Auth0 Application section and click menu for on the application you want to configure, and select **Connections**

    <Frame caption="Application connections.">
      <img src="https://mintcdn.com/authsignal-23/U9XmxdPe4AWAeEuC/images/docs/auth0/application-settings.png?fit=max&auto=format&n=U9XmxdPe4AWAeEuC&q=85&s=612cfeb90db92e4855936b08d3d672e9" alt="Application connections." width="2880" height="1166" data-path="images/docs/auth0/application-settings.png" />
    </Frame>
  </Step>

  <Step title="Turn on the authsignal custom database connection">
    Ensure that the **"authsignal"** (the name of the custom database connection we created in the
    previous step) database connection is turned on.

    <Frame caption="The authsignal custom database is turned on for the application.">
      <img src="https://mintcdn.com/authsignal-23/U9XmxdPe4AWAeEuC/images/docs/auth0/custom-database-turned-on.png?fit=max&auto=format&n=U9XmxdPe4AWAeEuC&q=85&s=b67d54f9f1643f2ac5f2a658585c4aa8" alt="The authsignal custom database is turned on for the application." width="2892" height="1158" data-path="images/docs/auth0/custom-database-turned-on.png" />
    </Frame>
  </Step>

  <Step title="Navigate to the Settings tab, scroll down and expand the advanced settings section and click on Grant Types">
    Click to check the **Password** grant type.

    <Frame caption="Navigate to advanced settings.">
      <img src="https://mintcdn.com/authsignal-23/U9XmxdPe4AWAeEuC/images/docs/auth0/advanced-settings.png?fit=max&auto=format&n=U9XmxdPe4AWAeEuC&q=85&s=e50204464b4f8dc95dca1ae2820aba36" alt="Navigate to advanced settings." width="1946" height="938" data-path="images/docs/auth0/advanced-settings.png" />
    </Frame>
  </Step>
</Steps>

### Implement a back-end API for validation

Once the above steps are completed, you'll be able to complete the final step of the integration, the back-end API implementation takes care of validating the Authsignal challenge token (for example when a user completes a passkey [sign-in](/sdks/client/mobile/passkeys#using-a-passkey)) and issues an Auth0 access token.

The following steps will guide you through the two critical steps that you need to implement in your back-end API. In this guide we will use a Node.js implementation, but you can use any language you prefer.

<Steps>
  <Step title="Initiate Passkey auto-fill on the client side">
    Initiate Passkey on your mobile client, see [documentation](/sdks/client/mobile/passkeys#using-a-passkey).
  </Step>

  <Step title="Validate the Authsignal token and call Auth0 Resource Owner Password Grant API to issue an access token">
    Pass client side token to the implemented back-end API. In your implementation you are doing the following:

    * Authsignal [Validate Challenge](/sdks/server/challenges#validate-challenge)
    * Auth0 [Resource Owner Password Grant API](https://auth0.com/docs/get-started/authentication-and-authorization-flow/resource-owner-password-flow/call-your-api-using-resource-owner-password-flow).

    <Note>
      In this guide we've used the `scope` values of `openid profile email`, and had a placeholder for the `audience` value, but you'll have to configure the appropriate values for your application.
    </Note>

    <CodeGroup>
      ```ts Node.js theme={null}
      const request = {
        token: "eyJhbGciOiJ...",
      };

      // Step 1. Validate the Authsignal challenge token
      const response = await authsignal.validateChallenge(request);

      if (response.state === "CHALLENGE_SUCCEEDED") {
        // Step 2. Call Auth0 Resource Owner Password Grant API to issue an access token
        const user =  await authsignal.getUser({userId: response.userId});

        const response = await fetch(`https://{yourAuth0Domain}/oauth/token`, {
          method: 'POST',
          headers: {
            'content-type': 'application/x-www-form-urlencoded',
          },
          body: new URLSearchParams({
            grant_type: 'http://auth0.com/oauth/grant-type/password-realm',
            username: user.email,
            password: request.token,
            scope: 'openid profile email',
            audience: '{yourApiIdentifier}',
            client_id: '{yourClientId}',
            client_secret: '{yourClientSecret}',
            realm: 'authsignal'
          })
        });

        try {
          const data = await response.json();

          const accessToken = data.access_token;
          const idToken = data.id_token;
        } catch (error) {
          // The Auth0 custom database login script failed to validate
        }
        } else {
          // The user did not complete the challenge successfully
        }
      ```

      ```curl cURL theme={null}
      curl -X POST \
        'https://{yourAuth0Domain}/oauth/token' \
        -H 'content-type: application/x-www-form-urlencoded' \
        -d 'grant_type=http://auth0.com/oauth/grant-type/password-realm' \
        -d 'username={yourUsersEmailAddress}' \
        -d 'password={authsignalToken}' \
        -d 'scope=openid profile email' \
        -d 'audience={yourApiIdentifier}' \
        -d 'client_id={yourClientId}' \
        -d 'client_secret={yourClientSecret}' \
        -d 'realm=authsignal'
      ```
    </CodeGroup>
  </Step>
</Steps>

We've now completed the integration, please do reach out to us if you have any questions or need any assistance.
