Adding "Log In With Mastodon" to Auth0

I use Auth0 to provide social logins for the OpenBenches website. I don't want to deal with creating user accounts, managing passwords, or anything like that, so Auth0 is perfect for my needs.

There are a wide range of social media logins provided by Auth0 - including the usual suspects like Facebook, Twitter, WordPress, Discord, etc. Sadly, there's no support for Mastodon0.

All is not lost though. The Auth0 documentation says:

However, you can use Auth0’s Connections API to add any OAuth2 Authorization Server as an identity provider.

You can manually add a single Mastodon instance, but that doesn't work with the decentralised nature of the Fediverse. Instead, I've come up with a manual solution which works with any Mastodon server!

Background

Every Mastodon1 server is independent. I have an account on mastodon.social you have an account on whatever.chaos. They are separate servers, albeit running similar software. A generic authenticator needs to work with all these servers. There's no point only allowing log ins from a single server.

Fortuitously, Mastodon allows app developers to automatically create new apps. A few simple lines of code and you will have an API key suitable for read-only access to that server. You can read how to instantly create Mastodon API keys or you can steal my PHP code.

User Experience

The user clicks the sign-in button on OpenBenches. They're taken to the Auth0 social login screen:

The user clicks on Mastodon. This is where Auth0's involvement ends!

The user is asked to provide the URl of their instance:

In the background, my server contacts the Mastodon instance and creates a read-only API key.

The user is asked to sign in to Mastodon.

The user is asked to authorise read-only access.

The user is now signed in and OpenBenches can retrieve their name, avatar image, and other useful information. Hurrah!

Auth0

Once you have created a service to generate API keys, it will need to run on a publicly accessible web server. For example https://example.com/mastodon_login.

Here's what you need to do within your Auth0 tennant:

• Authentication → Social → Create Connection
• At the bottom, choose "Create Custom".
• Choose "Authentication" only.
• Give your connection a name. This will be visible to users.
• "Authorization URL" and "Token URL" have the same value - the URl of your service.
• "Client ID" is only visible to you.
• "Client Secret" any random password; it won't be used for anything.
• Leave everything else in the default state.

It should look something like this:

Click the "Create" button and you're (almost) done.

Auth0 Icon

You will need to add a custom icon to the social integration. Annoyingly, there's no way to do it through the web interface, so follow that guide to use the command line.

Done!

I'll admit, this isn't the most straightforward thing to implement. Auth0 could make this easier - but it would still rely on users knowing the URl of their home instance.

That said, the Mastodon API is a delight to work with and the read-only permissions reduce risk for all parties.

🆕 blog! “Adding "Log In With Mastodon" to Auth0”

I use Auth0 to provide social logins for the OpenBenches website. I don't want to deal with creating user accounts, managing passwords, or anything like that, so Auth0 is perfect for my needs.

There are a wide range of social media logins provided by Auth0 - including the usual suspects like…

👀 Read more: https://shkspr.mobi/blog/2026/03/adding-log-in-with-mastodon-to-auth0/
⸻
#Auth0 #HowTo #mastodon #MastodonAPI #SocialMedia

🆕 blog! “Adding OpenStreetMap login to Auth0”

So you want to add OSM as an OAuth provider to Auth0? Here's a tip - you do not want to create a custom social connection!

Instead, you need to create an "OpenID Connect" provider. Here's how.

OpenSteetMap

As per the OAuth documentation you will need to:

Register a new app at…

👀 Read more: https://shkspr.mobi/blog/2026/02/adding-openstreetmap-login-to-auth0/
⸻
#Auth0 #developers #oauth #OpenStreetMap

Adding OpenStreetMap login to Auth0

So you want to add OSM as an OAuth provider to Auth0? Here's a tip - you do not want to create a custom social connection!

Instead, you need to create an "OpenID Connect" provider. Here's how.

OpenSteetMap

As per the OAuth documentation you will need to:

• Register a new app at https://www.openstreetmap.org/oauth2/applications/
• Give it a name that users will recognise
• Give it a redirect of https://Your Auth0 Tenant.eu.auth0.com/login/callback
• Tick the box for "Sign in using OpenStreetMap"

Once created, you will need to securely save your Client ID and Client Secret.

Auth0

These options change frequently, so use this guide with care.

• Once you have logged in to your Auth0 Tennant, go to Authentication → Enterprise → OpenID Connect → Create Connection
• Provide the new connection with the Client ID and Client Secret
• Set the "scope" to be openid
• Set the OpenID Connect Discovery URL to be https://www.openstreetmap.org/.well-known/openid-configuration
• In the "Login Experience" tick the box for "Display connection as a button"
• Set the favicon to be https://blog.openstreetmap.org/wp-content/uploads/2022/07/osm-favicon.png or other suitable graphic

Next Steps

We're not quite done, sadly.

The details which OSM sends back to Auth0 are limited, so Auth0 is missing a few bits:

Annoyingly, Auth0 doesn't set a name or nickname - so you'll need to manually get the preferred_username, or create a "User Map":

There's also no avatar image - only the default one.

Getting the Avatar Image

The OSM API has a method for getting user data.

For example, here's all my public data: https://api.openstreetmap.org/api/0.6/user/98672.json - thankfully no authorisation required!

Alternatively, you can use the Unavatar service to get the image indirectly.

I hope that's helpful to someone!

I think I've cracked it!

Using #OpenStreetMap as a custom OIDC provider in #Auth0. Which means people can log in to OpenBenches with their #OSM credentials via OAuth.

If you'd like to test it, please visit https://openbenches.org/login

(You don't need to upload a photo.)

Công cụ di chuyển từ Auth0/Clerk/WorkOS sang hệ thống xác thực mã nguồn mở AgentAuth đã được xây dựng. Hỗ trợ 4 nhà cung cấp và có thể di chuyển người dùng, vai trò và quyền một cách tự động. #Auth0 #AgentAuth #Xác_Thực #Migration #Mã_Nguồn_Mở #OpenSource #AuthSystem #DiChuyểnĐ��이터

https://www.reddit.com/r/SideProject/comments/1qrf54d/i_built_migration_tools_to_move_from/

Tạo OpenAuth, máy chủ xác thực mã nguồn mở, tự host được. Tính năng: đa thuê bao, JWT, Passkeys, 2FA, dashboard HTML, PostgreSQL... MIT license. #OpenAuth #Auth0 #XácThực #MáyChủ #MãNguồnMở #TựHost #SelfHosted #.OpenSource

https://www.reddit.com/r/selfhosted/comments/1qrdccc/i_built_an_opensource_auth0_alternative_you_can/

🚀 AgentAuth: hệ thống xác thực tự‑host cho AI agents, thay thế Auth0 $240/tháng bằng $0 (chỉ chi phí server). ✅ Triển khai nhanh trên Railway, Fly.io, Docker. SDK TypeScript & Python, CLI <3 phút, quyền scoped, rate‑limit, webhook. Mã nguồn MIT trên GitHub, đang phát triển công cụ di chuyển từ Auth0 và dashboard admin. Tìm early adopters! #SelfHosted #tựchủ #OpenSource #mãnguồnmở #AI #trítuệnhân tạo #Auth0 #AgentAuth

https://www.reddit.com/r/selfhosted/comments/1qr7qpw/selfhosted_authenticatio