This tutorial demonstrates how to configure Apache to add authentication and authorization to your web app. We recommend that you log in to follow this quickstart with examples configured for your account.
1

System Requirements

This tutorial and sample project have been tested with the following:
  • Apache 2.4
2

Install and Enable mod_auth_openidc Module

First, install the mod_auth_openidc module for Apache.You can get the binaries from GitHub and install them for your OS. If your OS isn’t compatible with any of the binaries, you can still build it from source.Once you’ve installed the module, enable it for Apache with the a2enmod command. To learn more, read a2enmod on Ubuntu Manpage:
a2enmod auth_openidc
For Windows, you can use this Powershell script to get a2enmod working on your system.
3

Configure the Module with Your Auth0 Account Information

Update your new configuration file (auth_openidc.conf), located in the /etc/apache2/mods-available folder.
For Windows, you must use the /apache/conf/httpd.conf file.
4

Configure Auth0

In the Auth0 Dashboard:
  1. Go to Applications > Applications, and then select your application from the list.
  2. Switch to the Settings view, and then locate the Application URIs section.
  3. Add the value of OIDCRedirectURI to Allowed Callback URLs.
  4. Locate Advanced Settings at the bottom of the page.
  5. Switch to the OAuth view.
  6. Set JSON Web Token (JWT) Signature Algorithm to RS256.
5

Authorization

You can configure Apache to protect a specific location based on the value of a claim in the user’s ID token by adding a Location block to your auth_openidc.conf file.For example, you could create an Action that reads the user’s roles, and then adds a claim that grants access to a protected location:
exports.onExecutePostLogin = async (event, api) => {
  const roles = event.authorization.roles; // ['user', 'admin']
    if (roles.includes('admin')) {
    api.idToken.setCustomClaim('folder', 'admin');
  }
};

Next Steps

Excellent work! If you made it this far, you should now have login, logout, and user profile information running in your application.This concludes our quickstart tutorial, but there is so much more to explore. To learn more about what you can do with Auth0, check out:
  • Auth0 Dashboard - Learn how to configure and manage your Auth0 tenant and applications
  • Auth0 Marketplace - Discover integrations you can enable to extend Auth0’s functionality