In the tutorial referred https://auth0.com/docs/quickstart/webapp/asp-classic when you complete the steps of it, the developer might find with a Server Error 500 (The test was made on IIS7 over windows 7) Actually, the code works as intended, it retrieves the user info but it has no redirection after it finishes, so, in the particular case of this test, it throws a 500 server error. HTML code can be added to the callback code, in that way the example will work seamlessly.

If you review the documentation on https://getcomposer.org/doc/00-intro.md you will notice that the command "composer update" is only valid when you have installed composer globally. This should be noted in doc.

AngularJS reference link: https://auth0.com/docs/quickstart/spa/angularjs/no-api

The reference indicated above in the tutorial is different from the reference at the bottom of step/subtitle 3, that asks to change the cdn reference. See image below.

Also needed is to check the second reference (in the line with the text "For more details...", also shown in image). The current auth0.js reference is: http://cdn.auth0.com/w2/auth0-6.js, as obtained from here

In this video https://auth0-1.wistia.com/medias/27i80efy8c the user is rcommended to add to the allowed url's the localhost url to the port 3000 http://localhost:3000

<---- exactly like this.

With that configuartion you get an error after authenticating

The correct configuration is to put the complete url that the example uses to redirect after authenticating http://localhost:3000/callback

If you review the README.md file created with the Auth0 + NodeJS API Seed project you will notice that there are two issues:

• does not specify the required command npm install
• it asks the user to create the .env file and do a configuration that already exists in the project files.

Please see the attached image.

Javier
(in behalf of TechAID)

Clicking the link to IP Address Authentication in the Identity Providers supported by Auth0 page (https://auth0.com/docs/identityproviders) sends to an empty documentation page (https://auth0.com/docs/connections/enterprise/ip-address)

Clicking the link to The City (Sandbox) in the Identity Providers supported by Auth0 page (https://auth0.com/docs/identityproviders) sends to an empty documentation page (https://auth0.com/docs/connections/social/thecity-sandbox)

In the tutorial https://auth0.com/docs/quickstart/native-mobile/phonegap/no-api the links open in the same page, it would be better to open the references on a new tab, in that way the developer can mantain the tutorial in first pane.

Link to the related tutorial: https://auth0.com/docs/quickstart/spa/javascript/aspnetweb-api
The NET API seed project needs a simpler, more explicit indication to its referenced Cors implementation.
Although the tutorial references to an external webpage for configuring CORS, the seed-project includes a code implementation for CORS, although the dependency cannot be obtained out-of-the-box.
There should also be a reference to the command: Install-Package Microsoft.AspNet.WebApi.Cors

Image follows below:

Clicking the link to Yammer in the Identity Providers supported by Auth0 page (https://auth0.com/docs/identityproviders) sends to an empty documentation page (https://auth0.com/docs/connections/social/yammer)

Right now, there is no info about this topic.

To answer the questions:

• how does it work?
• what is the impact to the user whose "account" is trying to be breached?

Auth0 implements algorithms to detect suspicious login attempts. When a suspicious activity is detected, Auth0 will block subsequent login attempts originating from the same computer. It will also send an email to the user notifying him containing link to re-enable the origin of the request. Notice that Auth0 never blocks the user itself, just the attempts from the suspicious origin.

• are all access from a suspicious ip blocked or is it the combination of username/ip that is blocked?

It depends on the algorithm and might change based on the context and evolution of the algorithm

This is an example of the email that is sent to the user

Blocked Access Attempt

We detected suspicious activity from the ip: 190.18.158.85 from Buenos Aires, Argentina.

If that is your IP address click here to unblock it. Otherwise disregard this email.

Clarification: Your account is not blocked, only access to it from the aforementioned IP.


Thanks, 
Default App

It can be edited in the dashboad under Emails -> templates -> Blocked Account Email We need to change the tempate name to other than Blocked Account, maybe Blocked Login Attempt?

This docs is kind of confuse for users this example when they need to do something a little different, for example, get redirected to a callback with code instead of doing it client side.

https://auth0.com/docs/custom-signup

Clicking the link to PingFederate in the Identity Providers supported by Auth0 page (https://auth0.com/docs/identityproviders) sends to an empty documentation page (https://auth0.com/docs/connections/enterprise/ping-federate)

In step 2 there's no detail on where the permission is supposed to be added to:

1. Configuring Auth0 Credentials & Callbacks
   Add the android.permission.INTERNET permission:
   

The code snippet that pops up shows me how to set up a custom ui and gives me an example with google but it does not point me to where i should go to find a list of connections.

https://auth0.com/docs/sso/single-page-apps-sso#1

When trying to load Windows 8 (C#) Documentation using the Quick Start link inside the https://manage.auth0.com page, the page doesn't load.

In the following tutorial https://auth0.com/docs/quickstart/native-mobile/phonegap/no-api on step 1 is required to install a plugin to show the login popup, InAppBrowser. This plugin was renamed and the developers might not be getting the latest version.

Clicking the link to IOS Touch ID in the Identity Providers supported by Auth0 page (https://auth0.com/docs/identityproviders) sends to an empty documentation page (https://auth0.com/docs/connections/passwordless/ios-touch)

Installing NuGet Package for Windows Phone fails on .Net Framework 4.5 application:

PM> Install-Package Auth0.WindowsPhone
Installing 'Auth0.WindowsPhone 1.4.1'.
Successfully installed 'Auth0.WindowsPhone 1.4.1'.
Adding 'Auth0.WindowsPhone 1.4.1' to WebApplication2.
Uninstalling 'Auth0.WindowsPhone 1.4.1'.
Successfully uninstalled 'Auth0.WindowsPhone 1.4.1'.
Install failed. Rolling back...
Install-Package : Could not install package 'Auth0.WindowsPhone 1.4.1'. You are trying to install this package into a project that targets '.NETFramework,Version=v4.5', but the package
does not contain any assembly references or content files that are compatible with that framework. For more information, contact the package author.
At line:1 char:1

• Install-Package Auth0.WindowsPhone

• - CategoryInfo          : NotSpecified: (:) [Install-Package], InvalidOperationException
  - FullyQualifiedErrorId : NuGetCmdletUnhandledException,NuGet.PowerShell.Commands.InstallPackageCommand
  

The callback url example contains a .php extension. This should be removed.

Links to tutorial: https://auth0.com/docs/quickstart/spa/javascript/aspnetweb-api

The information to bind the api from the front end is not present in the tutorial.
Tutorial will be greatly enhanced with some basic information about accurately binding vanilla js front end with NET API seed project, instead of having the developer investigate too many web references on the subject.
No suggestions developed yet.

Auth0 tutorial React reference: https://auth0.com/docs/quickstart/spa/react/no-api

After downloading and serving the React seed project (no api), the app throws a 401 unauthorized error.

I tried hard-coding the token parameters (auth0 clientId & auth0 domain) as per the instructions in the tutorial, but received the same error.

UPDATE: Problem resolved.
Ensure to use a port different than 3000 when serving the seed project, May be needed updating the instructions in the project's readme file.

This occurs only when you are authenticated and viewing quick start from the app phonegap/laravel api.
https://auth0.com/docs/quickstart/native-mobile/phonegap/laravel-api

Running "Install-Package Auth0.WindowsPhone" in an application with .NET Framework 3.5 or 4 throws installation error.

Windows 8 Native SDKs have a different name when entering the Quick Start from inside the dashboard and from outside:

https://auth0.com/docs/quickstart/native-mobile

https://manage.auth0.com/#/applications/08t4pch5E6TFfiOA4i6wGmOsSS27P9ly/quickstart

Readme file for PHP API Seed project indicates a different port in the start command and the test at the end:

composer install
php -S localhost:30001

Now, try calling http://localhost:3001/ping

In Xamarin tutorial's (No API) step 3 (Integration), "Auth0 Login Widget" link redirects to an old version of the login widget (https://auth0.com/docs/libraries/login-widget2). It should be linking to the newer "Lock" widget (https://auth0.com/docs/libraries/lock)

Auth tutorial reference link: https://auth0.com/docs/quickstart/spa/angular/no-api

In the page, subtitle "Step 3 Let's implement the login" presents code in the form of a function, which is not ready to be copied into a new controller file. (See attached image Login-code-snippet.png)

Below is the suggestion

angular.module('YOUR-APP-NAME').controller('LoginCtrl', ['$scope', '$http', 'auth', 'store', '$location', function ($scope, $http, auth, store, $location) {
  $scope.login = function () {
    auth.signin({}, function (profile, token) {
    // Success callback
      store.set('profile', profile);
      store.set('token', token);
      $location.path('/');
    }, function () {
    // Error callback
    });
  }
}]);

There is a discrepancy on the auth0 cdn version shown in the seed project and the one shown in the doc instructions. This may render different results when instructions are followed by users.

Doc Instructions image

Seed project index.html file

In the readme file of the seed project there are some requirements that might be worth mention on the tutorial.

Clicking the link to Salesforce (Sandbox) in the Identity Providers supported by Auth0 page (https://auth0.com/docs/identityproviders) sends to an empty documentation page (https://auth0.com/docs/connections/social/saleforce-sandbox)

Auth0 tutorial React reference: https://auth0.com/docs/quickstart/spa/react/no-api

When downloading and opening the react no api seed project, we can see there is a reference to lock library from the cdn. This reference is outdated (indicates version 6 instead of 7. The app still works fine).

This should be updated to lock library version 7.5, as indicated in the attached image.

Clicking the link to Google Apps in the Identity Providers supported by Auth0 page (https://auth0.com/docs/identityproviders) sends to an empty documentation page (https://auth0.com/docs/connections/enterprise/google-apps)

Per Intercom query:
https://app.intercom.io/a/apps/5543b80da436916e2d7fb2a94b5cd014b92f6b86/inbox/conversation/901261293

Lock library info link: https://auth0.com/docs/libraries/lock
This issue found while reviewing react tutorial at: https://auth0.com/docs/quickstart/spa/react/no-api
(Most likely that all pertinent tutorials will need to have this reference updated)

While following Xamarin (No API) tutorial, Step 2. Search and double-click on Xamarin.Auth0Client component. Xamarin Studio component search does not bring any results when searching for Xamarin.Auth0Client unless "Xamarin." is removed from the search string.

Clicking the link to SAML-P in the Identity Providers supported by Auth0 page (https://auth0.com/docs/identityproviders) sends to an empty documentation page (https://auth0.com/docs/connections/enterprise/samlp)

This may be something that you do not care much about. But in terms of consistency this should show either what it says here or port 3000 as in the other examples.

In https://auth0.com/docs/server-platforms/nodejs in the step 2 the tutorial states:
2. Configure passport-auth0 and shows a code with the data from the account logged in.

Some developers could get this as if there is a file named passport-auth0 which needs to be setup in order to continue, actually, that file is the implementation of methods abstracly defined in the node_modules installed with the npm command and the file must be created.

One can notice that on the step 3 in the code comments but it would be better to directly state that the file must be created.

Link to download Windows Phone Seed Project sends to a local address:

http://localhost:3000/Auth0.WindowsPhone/master/create-package?path=examples/WindowsPhoneSilverlight&type=none&clientId=08t4pch5E6TFfiOA4i6wGmOsSS27P9ly

Clicking the link to LDAP in the Identity Providers supported by Auth0 page (https://auth0.com/docs/identityproviders) sends to an empty documentation page (https://auth0.com/docs/connections/enterprise/ldap)

In the following tutorial https://auth0.com/docs/quickstart/native-mobile/phonegap/no-api
on step 1 you tell the developer that if they are using phonegap build service they should add the plugin using... actually they have to add an entry to the config.xml as it is described here http://docs.build.phonegap.com/en_US/configuring_plugins.md.html it could be more specific detailing the entry has to be added to the config.xml file and giving an example or referencing the phonegap documentation.

Clicking the link to WS-Federate in the Identity Providers supported by Auth0 page (https://auth0.com/docs/identityproviders) sends to an empty documentation page (https://auth0.com/docs/connections/enterprise/ws-fed)

ON this tutorial https://auth0.com/docs/quickstart/native-mobile/phonegap/no-api the seed project file name is: auth0-cordova-sample.zip which is the same from the tutorial for Cordova.

Clicking the link to Evernote-Sandbox in the Identity Providers supported by Auth0 page (https://auth0.com/docs/identityproviders) sends to an empty documentation page (https://auth0.com/docs/connections/social/evernote-sandbox)

Image shown on step 3 of Xamarin tutorial (No API) is from an outdated version of the Login Widget. New version has "Lock" logo.

Newer version of login widget (Lock)

Had to install Obsolete revision of Android SDK Build-tools (21.1.1) in order to make Seed project work.

Link to Auth0 tutorial: https://auth0.com/docs/quickstart/spa/javascript/aspnetweb-api

Seed project cannot be launched due to a missing nuget package called Auth0-ASPNET, which is not mentioned in the tutorial.
Without the mentioned package. an exception is raised:

Cannot load assembly System.Web.Http

Suggested solution is to add a reference to the Auth0-ASPNET package in the tutorial, and alternatively within the seed project itself.