Auth0 provides authentication and authorization for Dyeink. You’ll need to configure both a Single Page Application (SPA) for the frontend and a Machine-to-Machine application for backend API verification.

Prerequisites

  • An Auth0 account (sign up at auth0.com)
  • Access to your Dyeink source code and environment files

Create Auth0 Application

Step 1: Create a new application

  1. Log in to your Auth0 dashboard
  2. Navigate to Applications > Applications
  3. Click Create Application
  4. Name it “Dyeink” (or your preferred name)
  5. Select Single Page Web Applications
  6. Click Create
Step 2: Configure application settings

In the application settings, configure the following URLs:

Allowed Callback URLs:
http://localhost:5173,
https://yourdomain.com
Allowed Logout URLs:
http://localhost:5173,
https://yourdomain.com
Allowed Web Origins:
http://localhost:5173,
https://yourdomain.com
Replace yourdomain.com with your actual production domain. For development, keep localhost:5173.
Step 3: Get your credentials

From the application settings page, copy:
  • Domain (e.g., your-tenant.auth0.com)
  • Client ID
  • Client Secret (from the Settings tab)
You’ll use these in your environment configuration.

Create API Definition

Step 1: Create a new API

  1. In the Auth0 dashboard, navigate to Applications > APIs
  2. Click Create API
  3. Name it “Dyeink API”
  4. Set the identifier to https://api.dyeink.com
  5. Leave signing algorithm as RS256
  6. Click Create
Step 2: Configure API settings

  • Enable RBAC (Role-Based Access Control) if you plan to use permissions
  • Enable Add Permissions in the Access Token if needed
  • Keep default token expiration or adjust as needed

Set Up Management API Access

The Management API is required for advanced user management and metadata operations.
Step 1: Create a Machine-to-Machine application

  1. Navigate to Applications > Applications
  2. Click Create Application
  3. Name it “Dyeink Management”
  4. Select Machine to Machine Applications
  5. Click Create
Step 2: Authorize the Management API

  1. Select Auth0 Management API from the dropdown
  2. Grant the following scopes:
    • read:users
    • update:users
    • read:user_idp_tokens
  3. Click Authorize
Step 3: Get Management API token

You can get a token via the Auth0 dashboard or programmatically:
curl --request POST \
  --url https://your-tenant.auth0.com/oauth/token \
  --header 'content-type: application/json' \
  --data '{
    "client_id":"YOUR_CLIENT_ID",
    "client_secret":"YOUR_CLIENT_SECRET",
    "audience":"https://your-tenant.auth0.com/api/v2/",
    "grant_type":"client_credentials"
  }'
Management API tokens expire. For production, implement token refresh logic or use long-lived tokens carefully.
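
One way to implement the refresh logic mentioned above, as an added example that is not part of the Dyeink code base. `createManagementTokenCache` and `fetchAuth0ManagementToken` are hypothetical names; the request body mirrors the curl command, and the 60-second renewal margin is an assumption.

```javascript
// Cache a Management API token and renew it shortly before it expires.
// `fetchToken` is injected so the cache can be exercised without network access.
function createManagementTokenCache({ fetchToken, now = Date.now, skewSeconds = 60 }) {
  let cached = null;   // { token, expiresAt } with expiresAt in ms since epoch
  let inFlight = null; // shared promise so concurrent callers trigger one request

  return async function getToken() {
    if (cached && now() < cached.expiresAt - skewSeconds * 1000) return cached.token;
    if (!inFlight) {
      inFlight = fetchToken()
        .then((body) => {
          if (!body.access_token || !Number.isFinite(body.expires_in)) {
            throw new Error('token response missing access_token or expires_in');
          }
          cached = { token: body.access_token, expiresAt: now() + body.expires_in * 1000 };
          return cached.token;
        })
        .finally(() => { inFlight = null; });
    }
    return inFlight;
  };
}

// Real fetcher: the same client_credentials request as the curl command.
// Credentials come from the backend environment, never from VITE_* variables.
async function fetchAuth0ManagementToken(env = process.env) {
  const res = await fetch(`https://${env.AUTH0_DOMAIN}/oauth/token`, {
    method: 'POST',
    headers: { 'content-type': 'application/json' },
    body: JSON.stringify({
      client_id: env.AUTH0_CLIENT_ID,
      client_secret: env.AUTH0_CLIENT_SECRET,
      audience: `https://${env.AUTH0_DOMAIN}/api/v2/`,
      grant_type: 'client_credentials',
    }),
  });
  if (!res.ok) throw new Error(`token request failed: HTTP ${res.status}`);
  return res.json();
}
```

With this in place the backend calls `createManagementTokenCache({ fetchToken: fetchAuth0ManagementToken })` once at startup and awaits the returned function per request, so no static `AUTH0_MANAGEMENT_API_TOKEN` has to be stored.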

Configure Social Logins

Step 1: Enable social connections

  1. Navigate to Authentication > Social
  2. Choose your desired providers (Google, GitHub, Twitter, etc.)
  3. Click on each provider to configure
Step 2: Configure Google (example)

  1. Create a project in Google Cloud Console
  2. Enable Google+ API
  3. Create OAuth 2.0 credentials
  4. Add authorized redirect URI: https://your-tenant.auth0.com/login/callback
  5. Copy Client ID and Client Secret to Auth0
  6. Enable the connection for your Dyeink application
Step 3: Test the connection

Use the Try Connection button in Auth0 to verify each social login works correctly.

Environment Configuration

Frontend (platform/.env)

# Auth0 Configuration for SPA
VITE_AUTH0_DOMAIN=your-tenant.auth0.com
VITE_AUTH0_CLIENT_ID=your-spa-client-id
VITE_AUTH0_AUDIENCE=https://api.dyeink.com
VITE_AUTH0_REDIRECT_URI=http://localhost:5173
Never commit .env files to version control. Always use .env.example as a template.

Backend (backend/.env)

# Auth0 API Verification
AUTH0_DOMAIN=your-tenant.auth0.com
AUTH0_CLIENT_ID=your-client-id
AUTH0_CLIENT_SECRET=your-client-secret
AUTH0_AUDIENCE=https://api.dyeink.com
AUTH0_MANAGEMENT_API_TOKEN=your-management-api-token

Root (.env)

# Auth0 Configuration (for API JWT verification)
AUTH0_DOMAIN=your-tenant.auth0.com
AUTH0_AUDIENCE=https://api.dyeink.com
AUTH0_MANAGEMENT_API_TOKEN=your-management-api-token

Verification

Test your Auth0 configuration:
Step 1: Test frontend authentication

  1. Start your frontend development server
  2. Navigate to the login page
  3. Verify the Auth0 Universal Login appears
  4. Test login with username/password and social providers
Step 2: Test API authentication

Make a request to a protected API endpoint:
curl -X GET https://your-api.com/api/protected \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN"
You should receive a valid response, not a 401 Unauthorized.
Step 3: Verify token contents

Decode your JWT at jwt.io to verify:
  • aud matches your API identifier
  • iss matches your Auth0 domain
  • Token expiration is appropriate
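
The same `aud`, `iss` and expiration checks, together with the RS256 signature check that decoding alone does not perform, as they could run in the backend. This is an added example, not Dyeink's own code. `verifyAccessToken` and `makeSampleToken` are hypothetical names, and the throwaway key pair is a constructed stand-in for the tenant's key set at `https://<AUTH0_DOMAIN>/.well-known/jwks.json`.

```javascript
const nodeCrypto = require('node:crypto');

// Decode one base64url JWT segment (header or payload) into an object.
const decodeSegment = (seg) => JSON.parse(Buffer.from(seg, 'base64url').toString('utf8'));

// Verify an RS256 access token; returns the claims or throws with the reason.
function verifyAccessToken(token, { jwks, domain, audience, now = Date.now() / 1000 }) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  const header = decodeSegment(h);
  // Pin the algorithm chosen when the API was created; do not trust the header.
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const jwk = jwks.keys.find((k) => k.kid === header.kid);
  if (!jwk) throw new Error('no matching key');
  const key = nodeCrypto.createPublicKey({ key: jwk, format: 'jwk' });
  const sig = Buffer.from(s, 'base64url');
  if (!nodeCrypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), key, sig)) {
    throw new Error('bad signature');
  }
  const claims = decodeSegment(p);
  // The issuer is the tenant domain with scheme and a trailing slash.
  if (claims.iss !== `https://${domain}/`) throw new Error('iss mismatch');
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(audience)) throw new Error('aud mismatch');
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('token expired');
  return claims;
}

// Constructed fixture: a throwaway key pair stands in for the tenant's JWKS.
function makeSampleToken(claims) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
  const signingInput = `${enc({ alg: 'RS256', typ: 'JWT', kid: 'sample-key' })}.${enc(claims)}`;
  const sig = nodeCrypto.sign('RSA-SHA256', Buffer.from(signingInput), privateKey);
  const jwks = { keys: [{ ...publicKey.export({ format: 'jwk' }), kid: 'sample-key' }] };
  return { token: `${signingInput}.${sig.toString('base64url')}`, jwks };
}
```

The claims are read only after the signature check passes, so a token with an edited payload is rejected before `aud` or `iss` are looked at.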

Security Best Practices

  • Never expose AUTH0_CLIENT_SECRET or AUTH0_MANAGEMENT_API_TOKEN in frontend code
  • Rotate Management API tokens regularly
  • Use separate Auth0 tenants for development and production
  • Enable multi-factor authentication (MFA) for your Auth0 account
  • Review Auth0 logs regularly for suspicious activity
Configure Auth0 Rules or Actions to add custom claims to tokens, enforce MFA, or integrate with external services.

Troubleshooting

  • Verify AUTH0_AUDIENCE matches your API identifier exactly
  • Check that AUTH0_DOMAIN is correct (no https:// prefix)
  • Ensure the access token hasn’t expired
  • Verify JWT signature using the Auth0 public keys
  • Confirm callback URLs in Auth0 match your application URLs exactly
  • Check for trailing slashes (they matter)
  • Verify protocol (http vs https)
  • Clear browser cache and cookies
  • Verify the connection is enabled for your application
  • Check that OAuth credentials in the social provider are correct
  • Ensure redirect URIs in the provider match Auth0’s callback URL
  • Test the connection using Auth0’s “Try Connection” feature
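
Several of the items above, and the rule about keeping secrets out of frontend code, can be checked mechanically before deployment. The following is an added example, not part of the Dyeink repository. `parseEnv` and `lintAuth0Env` are hypothetical names, and the caller supplies the list entered under Allowed Callback URLs.

```javascript
// Parse KEY=VALUE lines from a .env file, skipping blanks and # comments.
function parseEnv(text) {
  const vars = {};
  for (const line of text.split(/\r?\n/)) {
    const m = line.match(/^\s*([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*?)\s*$/);
    if (m) vars[m[1]] = m[2].replace(/^(['"])(.*)\1$/, '$2');
  }
  return vars;
}

// Returns a list of findings; an empty list means every check passed.
// `allowedCallbacks` is the list entered under Allowed Callback URLs.
function lintAuth0Env(frontendText, backendText, allowedCallbacks) {
  const fe = parseEnv(frontendText);
  const be = parseEnv(backendText);
  const findings = [];
  // Vite exposes VITE_* values to client code, and the SPA needs no secrets.
  for (const name of Object.keys(fe)) {
    if (/SECRET|MANAGEMENT_API_TOKEN/.test(name)) findings.push(`frontend: remove ${name}`);
  }
  // Domains are bare hostnames: no scheme, no path, no trailing slash.
  const domains = [['VITE_AUTH0_DOMAIN', fe.VITE_AUTH0_DOMAIN], ['AUTH0_DOMAIN', be.AUTH0_DOMAIN]];
  for (const [label, domain] of domains) {
    if (!domain || domain.includes('/')) findings.push(`${label}: expected bare hostname`);
  }
  // Audience and callback comparisons are exact string matches.
  if (fe.VITE_AUTH0_AUDIENCE !== be.AUTH0_AUDIENCE) {
    findings.push('audience: frontend and backend differ');
  }
  if (!allowedCallbacks.includes(fe.VITE_AUTH0_REDIRECT_URI)) {
    findings.push('VITE_AUTH0_REDIRECT_URI: not in Allowed Callback URLs');
  }
  return findings;
}
```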

Next Steps

MongoDB Setup

Configure your MongoDB database for data persistence

Storage Setup

Set up Cloudflare R2 for media storage