Labsco
auth0 logo

auth0-fastify

37

by auth0 · part of auth0/agent-skills

Use when adding authentication (login, logout, protected routes) to Fastify web applications - integrates @auth0/auth0-fastify for session-based auth. For…

🔥🔥🔥✓ VerifiedFreeQuick setup
🧩 One of 7 skills in the auth0/agent-skills package — works on its own, and pairs well with its siblings.

Use when adding authentication (login, logout, protected routes) to Fastify web applications - integrates @auth0/auth0-fastify for session-based auth. For…

Inspect the full instructions your agent will receiveExpand

This is the exact playbook injected into your agent when the skill activates — shown here so you can audit it before installing. You don't need to read it to use the skill.


name: auth0-fastify description: > Use when adding session-based login, logout, or protected routes to a Fastify web application. Integrates @auth0/auth0-fastify — use even if the user says "add login to my Fastify app". For Fastify APIs validating Bearer tokens, use auth0-fastify-api instead. license: Apache-2.0 metadata: author: Auth0 support@auth0.com version: '1.0.0' openclaw: emoji: "\U0001F510" homepage: https://github.com/auth0/agent-skills

Auth0 Fastify Integration

Add authentication to Fastify web applications using @auth0/auth0-fastify.


When NOT to Use

  • Single Page Applications - Use auth0-react, auth0-vue, or auth0-angular for client-side auth
  • Next.js applications - Use auth0-nextjs skill which handles both client and server
  • Mobile applications - Use auth0-react-native for React Native/Expo
  • Stateless APIs - Use @auth0/auth0-fastify-api instead for JWT validation without sessions
  • Microservices - Use JWT validation for service-to-service auth

Related Skills

  • auth0-quickstart - Basic Auth0 setup
  • auth0-migration - Migrate from another auth provider
  • auth0-mfa - Add Multi-Factor Authentication
  • auth0-cli - Manage Auth0 resources from the terminal

Quick Reference

Plugin Options:

  • domain - Auth0 tenant domain (required)
  • clientId - Auth0 client ID (required)
  • clientSecret - Auth0 client secret (required)
  • appBaseUrl - Application URL (required)
  • sessionSecret - Session encryption secret (required, min 64 chars)
  • audience - API audience (optional, for calling APIs)

Client Methods:

  • fastify.auth0Client.getSession({ request, reply }) - Get user session
  • fastify.auth0Client.getUser({ request, reply }) - Get user profile
  • fastify.auth0Client.getAccessToken({ request, reply }) - Get access token
  • fastify.auth0Client.logout(options, { request, reply }) - Logout user

Common Use Cases:

  • Protected routes → Use preHandler to check session (see Step 4)
  • Check auth status → !!session
  • Get user info → getUser({ request, reply })
  • Call APIs → getAccessToken({ request, reply })

References