Learn to integrate Auth0 with Web3Auth SFA React Native SDK
This guide will cover the basics of how to set up your Web3Auth SDK and Auth0 account for the integration and provide you with the links on how to develop a basic React Native Expo application on the blockchain of your choice.
Quick Start
npx degit Web3Auth/web3auth-core-kit-examples/single-factor-auth-react-native/sfa-rn-expo-auth0-example sfa-rn-auth0-demo && cd sfa-rn-auth0-demo && npm install && npm run start
How it works?
Single Factor Auth SDKs allow for the integration of a single factor of authentication, such as social login, into your dApp. They are designed to be simple to use and can be integrated into your dApp with minimal effort, allowing you to directly use the Web3Auth Network for Wallet Management. This is one of the most common use cases of Web3Auth, however, it is semi-custodial in nature, since the key is custodial to the Auth Provider and the Web3Auth Network.
- The first step for the application is to get the user authenticated by a login provider(here,
Google) and get the user's
idToken
. - Once the social login is successful, depending on whether the user has enabled Multi-Factor Authentication(MFA) or not, the key is generated.
- If the user has not enabled MFA, we use the
@web3auth/single-factor-auth
SDK to retrieve the private key shares from the Web3Auth auth network nodes and reconstruct the private key. - If the user has enabled MFA, an error message is shown that the user has enabled MFA and in this case, they should be using the Web3Auth Plug and Play Web SDKs.
Prerequisites
-
For Web Apps: A basic knowledge of JavaScript is required to use Web3Auth SDK.
-
For Mobile Apps: For the Web3Auth Mobile SDKs, you have a choice between iOS, Android, React Native & Flutter. Please refer to the Web3Auth SDK Reference for more information.
-
Create a Web3Auth account on the Web3Auth Dashboard
-
Create an Auth0 tenant and configure a Single Page Web Application (SPA for Web) or Native (for Mobile) from Auth0 Console.
-
Please note that Regular Web Applications are also supported as mentioned in the flows above. However, for this guide, we prefer SPA since its implicit flow doesn’t require an application to host a backend server.
Setup your Auth0 Tenant
-
Add the following URLs for your app to the Allowed Web Origins field when configuring your Auth0 Application.
- Additional to your URLs for the application, please add
-
You will require the
domain
andclientId
of the newly created application which you can copy from Auth0 Console.
Enable Social Login
- Enable
Google
or other social provider on theAuthentication > Social
page of your Auth0 Dashboard. - Visit https://auth0.com/learn/social-login to learn more.
Enable SMS Passwordless
If you want to implement SMS Passwordless, then this section is for you. Otherwise, you can skip this.
- Enable
SMS
on theAuthentication > Passwordless
page of your Auth0 Dashboard. - Under the
Settings
tab, add yourTwilio SID
andTwilio AuthToken
. - Also, update the
From
number on the same page, and click on theSave
button. - Next, enable your application under the
Applications
tab, and click on theSave
button. - You can test sending an SMS from the
Try
tab. Once, an SMS comes with OTP, it means it has been successfully configured.
Update Lockscreen for SMS Passwordless
If you're to use SMS Passwordless, please visit here to set up the Lock Screen of Auth0 from your Auth0 Dashboard.
Enable Email Passwordless
If you want to implement Email Passwordless, then this section is for you. Otherwise, you can skip this.
- Enable
Email
on theAuthentication > Passwordless
page of your Auth0 Dashboard. - Under the
Settings
tab, updateFrom
andSubject
based on your need and click on theSave
button. - Next, enable your application under the
Applications
tab, and click on theSave
button. - You can test sending an Email from the
Try
tab. Once, an Email comes with OTP/Link, it means it has been successfully configured.
Update Lockscreen for Email Passwordless
If you're to use Email Passwordless, please visit here to set up the Lock Screen of Auth0 from your Auth0 Dashboard.
Setup your Web3Auth Dashboard
-
Create a Project from the Project Section of the Web3Auth Developer Dashboard.
-
Enter your desired Project name.
-
Select the Product you want to use. For this guide, we'll be using the Plug n Play product.
-
Select the Platform type you want to use. For this guide, we'll be using the Web Application as the platform.
-
Select the Web3Auth Network as
Sapphire Devnet
. We recommend creating a project in thesapphire_devnet
network during development. While moving to a production environment, make sure to convert your project tosapphire_mainnet
or any of the legacy mainnet networkmainnet
,aqua
, orcyan
network. Otherwise, you'll end up losing users and keys. -
Select the blockchain(s) you'll be building this project on. For interoperability with Torus Wallets, you have the option of allowing the user's private key to be used in other applications using Torus Wallets (EVM, Solana, XRPL & Casper).
-
Finally, once you create the project, you have the option to whitelist your URLs for the project. Please whitelist the domains where your project will be hosted.
-
Create Auth0 Verifiers
-
Create a Verifier from the Custom Auth Section of the Developer Dashboard with the following configuration:
-
Pick a name of your choice for the verifier identifier.
eg. auth0-project
-
Choose
Social Login Providers
and selectAuth0
from the Login Provider dropdown. -
Next, Choose your Authentication Type from
eg. Google, Twitter, GitHub etc..
to be the Auth provider. -
Paste the
Client ID
andAuth0 Domain
from the Auth0 SPA you created in the above steps. This will be used to validate the JWT token issued by Auth0. And, selectSub
orEmail
as the JWT Verifier ID. -
Click on the
Create Verifier
button to create your verifier. It may take up to 10-20 minutes to deploy the verifier on Sapphire Devnet. You'll receive an email once it's complete.
You will require the
verifierName
of the newly created verifier andclientId
of the Plug and Play Project. -
Create SMS Passwordless Verifier
If you want to implement SMS Passwordless, then this section is for you. Otherwise, you can skip this.
-
Create a Verifier from the Custom Auth Section of the Developer Dashboard with the following configuration:
-
Choose a name of your choice for the verifier identifier.
eg. auth0-sms-passwordless
-
Select
Custom Providers
from the Login Provider. -
Choose
Custom
for theJWT Verifier ID
and typename
. -
Enter
https://{YOUR-DOMAIN}/.well-known/jwks.json
as yourJWKS Endpoint
. This will be used to validate the JWT token issued by Auth0. eg.https://web3auth.eu.auth0.com/.well-known/jwks.json
-
JWT validation fields:
- iss:
https://{YOUR-DOMAIN}
- aud:
{AUTH0-CLIENT-ID}
- iss:
-
Click on the
Create
button to create your verifier. It may take up to 10-20 minutes to deploy the verifier on Sapphire Devnet. You'll receive an email once it's complete.
You will require the
verifierName
of the newly created verifier andclientId
of the Plug and Play Project. -
Create Email Passwordless Verifier
If you want to implement Email Passwordless, then this section is for you. Otherwise, you can skip this.
-
Create a Verifier from the Custom Auth Section of the Developer Dashboard with the following configuration:
-
Choose a name of your choice for the verifier identifier.
eg. auth0-email-passwordless
-
Choose
Social Login Providers
and selectAuth0
from the Login Provider dropdown. -
Choose your Authentication Type as
Email Passwordless
to use Auth0's Email Passwordless. -
Paste the
Client ID
andAuth0 Domain
from the Auth0 SPA you created in the above steps. This will be used to validate the JWT token issued by Auth0. -
Click on the
Create
button to create your verifier. It may take up to 10-20 minutes to deploy the verifier on Sapphire Devnet. You'll receive an email once it's complete.
You will require the
verifierName
of the newly created verifier andclientId
of the Plug and Play Project. -
Using the Web3Auth SFA Web SDK
To use the Web3Auth SFA Web SDK, you need to add @web3auth/single-factor-auth
to your project.
Installation
For this project, you need to add the following Web3Auth dependencies to your package.json
npm install --save @web3auth/single-factor-auth-react-native @web3auth/base @web3auth/ethereum-provider ethers react-native-auth0 expo-secure-store
Understanding the Dependencies
@web3auth/base
Since we're using typescript, we need the @web3auth/base
package to provide the types of the
different variables we'll be using throughout the app-building process. This reduces errors to a
very large extent.
npm install --save @web3auth/base
@web3auth/ethereum-provider
This package is used to provide the Ethereum provider to the Web3Auth SDK. This is required to interact with the blockchain.
npm install --save @web3auth/ethereum-provider
@web3auth/single-factor-auth-react-native
This package is the core package for Single Factor Auth React Native SDK.
npm install --save @web3auth/single-factor-auth-react-native
react-native-auth0
This package is used to provide the Auth0 SDK to the app. This is required to retrieve the idToken
from Auth0 as the login provider.
npm install --save @auth0/auth0-react
ethers
This package is used to interact with the blockchain.
npm install --save web3
expo-secure-store
This package is used to store the private key shares in the device's secure storage.
npm install --save expo-secure-store
Configure Auth0 for React Native
Please follow the guide here to configure Auth0 for React Native.
Initialization
Once installed, your Web3Auth application needs to be initialized. Initialization is a multi-step process where we add all the config details for Web3Auth SDK:
Importing the packages
import { IProvider } from "@web3auth/base";
import { EthereumPrivateKeyProvider } from "@web3auth/ethereum-provider";
import Web3Auth from "@web3auth/single-factor-auth-react-native";
import { ethers } from "ethers";
import * as SecureStore from "expo-secure-store";
import { Auth0Provider, useAuth0 } from "react-native-auth0";
Instantiate the Web3Auth SFA React Native SDK
import { IProvider } from "@web3auth/base";
import { EthereumPrivateKeyProvider } from "@web3auth/ethereum-provider";
import Web3Auth from "@web3auth/single-factor-auth-react-native";
import { ethers } from "ethers";
import * as SecureStore from "expo-secure-store";
import { Auth0Provider, useAuth0 } from "react-native-auth0";
const clientId =
"BPi5PB_UiIZ-cPz1GtV5i1I2iOSOHuimiXBI0e-Oe_u6X3oVAbCiAZOTEBtTXw4tsluTITPqA8zMsfxIKMjiqNQ"; // get from https://dashboard.web3auth.io
const chainConfig = {
chainId: "0x1",
displayName: "Ethereum Mainnet",
chainNamespace: CHAIN_NAMESPACES.EIP155,
tickerName: "Ethereum",
ticker: "ETH",
decimals: 18,
rpcTarget: "https://rpc.ankr.com/eth",
blockExplorer: "https://etherscan.io",
};
// Initialising Web3Auth Single Factor Auth SDK
const web3auth = new Web3Auth(SecureStore, {
clientId,
web3AuthNetwork: "sapphire_mainnet",
usePnPKey: false, // By default, this sdk returns CoreKitKey
});
const privateKeyProvider = new EthereumPrivateKeyProvider({
config: { chainConfig },
});
Here, we're using the chainConfig
property to set the chainId
and chainNamespace
among other
parameters. The chainId
and chainNamespace
are the id and the namespace respectively of the
chain you're connecting to. We've initialized them for EVM for this guide. You can find the list of
available providers here to select from.
Additionally, sometimes you might face clogging in the network because the test network is a bit
clogged at that point. To avoid this, we can use the property rpcTarget
and pass over the URL of
the node you want to connect to.
Initializing the Web3Auth SDK
web3authSfa.init(privateKeyProvider);
Authentication
Getting the idToken
from Auth0 upon login
const { authorize, clearSession, getCredentials } = useAuth0();
const signInWithAuth0 = async () => {
try {
// @ts-ignore
await authorize(
{ scope: "openid profile email" },
{ customScheme: "auth0.com.web3authsfaauth0" },
{ responseType: "token id_token" },
);
const credentials = await getCredentials();
return credentials.idToken;
} catch (error) {
console.error(error);
}
};
Parsing the token
We need to parse the token to get the sub
field from the token. This is the unique identifier for
the user. This is dependent on the verifierId
field you've set on the dashboard. In our case, it's
sub
. The code for parsing the idToken
is as follows:
import { safeatob } from "@toruslabs/openlogin-utils";
const parseToken = (token: any) => {
try {
const token = token.split(".")[1]; // payload
return JSON.parse(safeatob(token));
} catch (err) {
console.error(err);
return null;
}
};
const { sub } = parseToken(idToken);
Initializing the Web3Auth SDK
The next step is to initialize the Web3Auth SDK. We now have all the parameters that are needed to
call the connect
method of the Web3Auth SDK.
const idToken = await signInWithAuth0();
const parsedToken = parseToken(idToken);
setUserInfo(parsedToken);
const verifierId = sub;
await web3auth.connect({
verifier: "w3a-auth0-demo", // e.g. `web3auth-sfa-verifier` replace with your verifier name, and it has to be on the same network passed in init().
verifierId, // e.g. `Yux1873xnibdui` or `name@email.com` replace with your verifier id(sub or email)'s value.
idToken,
});
Since we are directly using Single Factor Auth SDK to log in, the Web3Auth getUserInfo
function
won't work. We need to get the user details directly from the idToken
.
Get the User Profile
import { safeatob } from "@toruslabs/openlogin-utils";
const parseToken = (token: any) => {
try {
const token = token.split(".")[1]; // payload
return JSON.parse(safeatob(token));
} catch (err) {
console.error(err);
return null;
}
};
const userProfile = parseToken(idToken);
Logout
Logging out your user is as simple as calling the logout
function on the Web3Auth SDK.
await clearSession();
await web3authSfa.logout();
Interacting with the Blockchain
So if you have completed this far, it means that you have successfully authenticated your user. Now,
you can use the provider returned by Web3Auth as web3auth.provider
to interact with your
blockchain. You can use the Provider SDKs to perform RPC Calls to your
blockchain.
Web3Auth is chain agnostic, ie. depending on whatever blockchain or layer-2 you use, Web3Auth can
easily support that. Web3Auth has native providers for EVM and Solana blockchains and for others,
you can get the private key in the user scope and make RPC calls. For standardising the type of
provider, Web3Auth Base provides a IProvider
from which you can create your own provider.
- Ethereum Provider gives you the capability of making RPC calls to the EVM compatible blockchains.
- Solana Provider gives you the capability of making RPC calls to the Solana blockchain.
- XRPL Provider gives you the capability of making RPC calls to the XRPL blockchain.
- If you want to use any other chain except Solana or EVM chains, for ex: Starknet, you can specify
the value of
chainNamespace
field as other in the Web3Auth SDK Constructor. Refer to: Using other blockchains
Get User Accounts
- Web3
- Ethers.js
const getAccounts = async () => {
if (!provider) {
console.log("provider not initialized yet");
return;
}
const web3 = new Web3(provider as any);
const userAccounts = await web3.eth.getAccounts();
console.log(userAccounts);
};
const getAccounts = async () => {
if (!provider) {
console.log("provider not initialized yet");
return;
}
// For ethers v5
// const ethersProvider = new ethers.providers.Web3Provider(this.provider);
const ethersProvider = new ethers.BrowserProvider(this.provider);
// For ethers v5
// const signer = ethersProvider.getSigner();
const signer = await ethersProvider.getSigner();
// Get the user's Ethereum public address
const address = signer.getAddress();
console.log(address);
};
View User Balance
- Web3
- Ethers.js
const getBalance = async () => {
if (!provider) {
console.log("provider not initialized yet");
return;
}
const web3 = new Web3(provider as any);
const accounts = await web3.eth.getAccounts();
const balance = await web3.eth.getBalance(accounts[0]);
console.log(web3.utils.fromWei(balance));
};
const getBalance = async () => {
if (!provider) {
console.log("provider not initialized yet");
return;
}
// For ethers v5
// const ethersProvider = new ethers.providers.Web3Provider(this.provider);
const ethersProvider = new ethers.BrowserProvider(this.provider);
// For ethers v5
// const signer = ethersProvider.getSigner();
const signer = await ethersProvider.getSigner();
// Get the user's Ethereum public address
const address = signer.getAddress();
// Get the user's balance in ether
// For ethers v5
// const balance = ethers.utils.formatEther(
// await ethersProvider.getBalance(address) // Balance is in wei
// );
const balance = ethers.formatEther(
await ethersProvider.getBalance(address), // Balance is in wei
);
console.log(balance);
};
Sign Message
- Web3
- Ethers.js
const signMessage = async () => {
if (!provider) {
console.log("provider not initialized yet");
return;
}
const web3 = new Web3(provider as any);
// Get user's Ethereum public address
const account = (await web3.eth.getAccounts())[0];
// Message
const message = "Hello MPC, Bye Bye SeedPhrase";
const typedMessage = [
{
type: "string",
name: "message",
value: message,
},
];
const params = [JSON.stringify(typedMessage), account];
const method = "eth_signTypedData";
const signedMessage = await this.provider.request({
method,
params,
});
console.log(signedMessage);
};
const signMessage = async () => {
if (!provider) {
console.log("provider not initialized yet");
return;
}
// For ethers v5
// const ethersProvider = new ethers.providers.Web3Provider(this.provider);
const ethersProvider = new ethers.BrowserProvider(this.provider);
// For ethers v5
// const signer = ethersProvider.getSigner();
const signer = await ethersProvider.getSigner();
const originalMessage = "YOUR_MESSAGE";
// Sign the message
const signedMessage = await signer.signMessage(originalMessage);
console.log(signedMessage);
};
Sign Transaction
const signTransaction = async () => {
if (!provider) {
console.log("provider not initialized yet");
return;
}
const web3 = new Web3(provider as any);
const accounts = await web3.eth.getAccounts();
const txRes = await web3.eth.signTransaction({
from: accounts[0],
to: accounts[0],
value: web3.utils.toWei("0.0001"),
chainId: 1, // change it to your specific chain id.
});
console.log(txRes.transactionHash);
};
Send Transaction
- Web3
- Ethers.js
const sendTransaction = async () => {
if (!provider) {
console.log("provider not initialized yet");
return;
}
const web3 = new Web3(provider as any);
const accounts = await web3.eth.getAccounts();
const txRes = await web3.eth.sendTransaction({
from: accounts[0],
to: accounts[0],
value: web3.utils.toWei("0.0001"),
chainId: 1, // change it to your specific chain id.
});
console.log(txRes.transactionHash);
};
const sendTransaction = async () => {
if (!provider) {
console.log("provider not initialized yet");
return;
}
// For ethers v5
// const ethersProvider = new ethers.providers.Web3Provider(this.provider);
const ethersProvider = new ethers.BrowserProvider(this.provider);
// For ethers v5
// const signer = ethersProvider.getSigner();
const signer = await ethersProvider.getSigner();
const destination = "0x40e1c367Eca34250cAF1bc8330E9EddfD403fC56";
// Convert 1 ether to wei
// For ethers v5
// const amount = ethers.utils.parseEther("0.001");
const amount = ethers.parseEther("0.001");
// Submit transaction to the blockchain
const tx = await signer.sendTransaction({
to: destination,
value: amount,
maxPriorityFeePerGas: "5000000000", // Max priority fee per gas
maxFeePerGas: "6000000000000", // Max fee per gas
});
// Wait for the transaction to be mined
const receipt = await tx.wait();
console.log(receipt.transactionHash);
};
Example Code
The code for the example can be found here.
Troubleshooting
Please refer to the React Native Troubleshooting Guide if you face any hurdles.
Questions?
Ask us on Web3Auth Community Portal.