Labsco
auth0 logo

auth0-flask

37

by auth0 · part of auth0/agent-skills

Use when adding login, logout, and user profile to a Flask web application using session-based authentication - integrates auth0-server-python for…

🔥🔥🔥🔥✓ VerifiedAccount requiredNeeds API keys
🧩 One of 7 skills in the auth0/agent-skills package — works on its own, and pairs well with its siblings.

Use when adding login, logout, and user profile to a Flask web application using session-based authentication - integrates auth0-server-python for…

Inspect the full instructions your agent will receiveExpand

This is the exact playbook injected into your agent when the skill activates — shown here so you can audit it before installing. You don't need to read it to use the skill.

by auth0

Use when adding login, logout, and user profile to a Flask web application using session-based authentication - integrates auth0-server-python for… npx skills add https://github.com/auth0/agent-skills --skill auth0-flask Download ZIPGitHub37

Auth0 Flask Web App Integration

Add login, logout, and user profile to a Flask web application using auth0-server-python.

When NOT to Use

  • Python APIs with JWT Bearer validation — Use auth0-fastapi-api for FastAPI, or see the Django REST Framework quickstart

  • FastAPI web app with login/logout UI — No dedicated skill yet; see the FastAPI quickstart

  • Single Page Applications — Use auth0-react, auth0-vue, or auth0-angular for client-side auth

  • Next.js applications — Use auth0-nextjs which handles both client and server

  • Node.js web apps — Use auth0-express or auth0-fastify for session-based auth

Key SDK Methods

All methods are async:

Method Signature Purpose start_interactive_login await auth0.start_interactive_login() Returns authorization URL string — wrap in redirect() complete_interactive_login await auth0.complete_interactive_login(str(request.url)) Processes the callback URL, exchanges code for tokens get_user await auth0.get_user() Returns current session user dict or None get_access_token await auth0.get_access_token() Returns the access token for calling external APIs logout await auth0.logout() Returns Auth0 logout URL string

Related Skills

  • auth0-express — For server-rendered Express web apps with login/logout sessions

  • auth0-fastify — For Fastify web applications with session-based auth

  • auth0-cli — Manage Auth0 resources from the terminal

Quick Reference

ServerClient configuration:

Copy & paste — that's it
auth0 = ServerClient(
 domain=os.getenv("AUTH0_DOMAIN"), # required
 client_id=os.getenv("AUTH0_CLIENT_ID"), # required
 client_secret=os.getenv("AUTH0_CLIENT_SECRET"), # required
 secret=os.getenv("AUTH0_SECRET"), # required (encryption secret)
 redirect_uri=os.getenv("AUTH0_REDIRECT_URI"), # required
 state_store=FlaskSessionStateStore(secret=secret), # required
 transaction_store=FlaskSessionTransactionStore(secret=secret), # required
 authorization_params={"scope": "openid profile email"}, # recommended
)

Route protection pattern:

Copy & paste — that's it
user = await auth0.get_user()
if user is None:
 return redirect("/login")

Environment variables:

  • AUTH0_DOMAIN — your Auth0 tenant domain (e.g. tenant.us.auth0.com)

  • AUTH0_CLIENT_ID — your Application's client ID

  • AUTH0_CLIENT_SECRET — your Application's client secret

  • AUTH0_SECRET — encryption and session secret key

  • AUTH0_REDIRECT_URI — callback URL (e.g. http://localhost:5000/callback)

Detailed Documentation

  • Setup Guide - Automated setup scripts, environment configuration, Auth0 CLI usage

  • Integration Guide - Protected routes, calling APIs, session management, error handling

  • API Reference - Complete ServerClient API, configuration options, store implementation, security

References