Auth0 provides numerous libraries, guides, code samples, and blog posts to help you learn how to secure APIs and services built with popular backend frameworks. These resources also provide you with quick reference checks to give you confidence that your Auth0 implementation follows best practices.
Start Securing APIs Today
When you use Auth0 to protect your client applications, you delegate the authentication process to a centralized login page: the Auth0 Universal Login page. With Universal Login, when your users need to log in, your client application redirects them to a central domain, through which Auth0 performs the authentication process. Once your users log in successfully. Auth0 takes them back to your application.
Google services are a solid example of centralized authentication. Whenever you need to access any Google service (such as Gmail, Google Calendar, YouTube, etc.), if you have not logged in yet, Google will redirect you to
https://accounts.google.com to log in. Once you successfully log in, Google redirects you to the application that initialized the login process.
With Auth0, you can use your tenant URL or a custom domain as your central domain for authentication. With every successful login transaction, Auth0 returns to your client application an access token. You can use the access token to implement token-based authorization in your API server. Your client applications will need to make authenticated requests using the access token as a bearer token whenever they want to access protected resources from your API.