fastapi-auth0

0.5.0 verified Fri May 01 auth: no python

FastAPI-Auth0 is a library providing easy Auth0 integration for FastAPI applications. It offers dependency injection for verifying access tokens, including custom user models and role/permission checking. Current version is 0.5.0, with a moderate release cadence.

pip install fastapi-auth0
error ImportError: cannot import name 'Auth0' from 'auth0'
cause Importing from wrong module: from auth0 import Auth0 instead of from fastapi_auth0 import Auth0
fix Use from fastapi_auth0 import Auth0

error AttributeError: module 'fastapi_auth0' has no attribute 'Auth0UnauthenticatedError'
cause Exception was renamed in v0.2.0.
fix Catch Auth0UnauthenticatedException instead.

error Auth0Error: The token's issuer is not valid. Expected 'https://your-domain.auth0.com/', got 'https://your-domain.auth0.com/'
cause Issuer URL mismatch, often due to trailing slash differences.
fix Ensure issuer URL in init matches exactly (typically ending with '/').

breaking Exception renamed from Auth0UnauthenticatedError to Auth0UnauthenticatedException in v0.2.0.
fix Catch Auth0UnauthenticatedException instead.
deprecated Support for Python 3.7 dropped in v0.5.0, though it may still work.
fix Use Python 3.8 or higher.
gotcha If audience contains URL-illegal characters (like spaces), JWT verification fails. Fixed in v0.2.0.
fix Upgrade to v0.2.0+ or sanitize audience string.
gotcha When using token from another tenant or with rotated keys, you get a misleading error message. Fixed in v0.3.0.
fix Upgrade to v0.3.0+.
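
When the issuer or audience check rejects a token, comparing the token's own claims with the configured values shows which side is off. The following is an added example, not part of fastapi-auth0: the function names are hypothetical, the sample token is constructed, and the payload is read without signature verification, so its output is for diagnostics only.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    # JWT segments are unpadded base64url; restore the padding first.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def unverified_claims(token: str) -> dict:
    """Read the payload WITHOUT checking the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected three dot-separated JWT segments")
    return json.loads(b64url_decode(parts[1]))


def diagnose(token: str, expected_issuer: str, expected_audience: str) -> list:
    """List the reasons the iss/aud checks would reject this token."""
    claims = unverified_claims(token)
    problems = []
    iss = claims.get("iss")
    if iss != expected_issuer:  # validators compare the issuer string exactly
        same_host = isinstance(iss, str) and iss.rstrip("/") == expected_issuer.rstrip("/")
        kind = "trailing-slash" if same_host else "different-issuer"
        problems.append(f"{kind}: token iss={iss!r}, configured={expected_issuer!r}")
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]  # aud may be a string or a list
    if expected_audience not in audiences:
        problems.append(f"audience: token aud={aud!r}, configured={expected_audience!r}")
    return problems


def make_sample_token(claims: dict) -> str:
    # Constructed sample token with a placeholder signature, for offline use.
    def enc(obj: dict) -> str:
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.c2lnbmF0dXJl"


SAMPLE = make_sample_token({"iss": "https://your-domain.auth0.com/",
                            "aud": ["https://api.example.test"]})

if __name__ == "__main__":
    # Configured issuer is missing the trailing slash the token carries.
    for line in diagnose(SAMPLE, "https://your-domain.auth0.com", "https://api.example.test"):
        print(line)
```

A "different-issuer" result points at a token minted by another tenant rather than a formatting problem in the configuration.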

Basic setup with public and private endpoints.

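from fastapi import FastAPI, Depends
from fastapi_auth0 import Auth0, Auth0User
import os

app = FastAPI()

# Fail at startup if the tenant settings are missing, rather than building
# an issuer of 'https:///' from an empty default.
auth0_domain = os.environ['AUTH0_DOMAIN']
auth0_api_audience = os.environ['AUTH0_API_AUDIENCE']
# The trailing slash is part of the issuer string and must match the token's.
auth0_issuer = f'https://{auth0_domain}/'
auth = Auth0(domain=auth0_domain, api_audience=auth0_api_audience, issuer=auth0_issuer)

# No auth dependency: reachable without a token.
@app.get('/public')
async def public():
    return {'message': 'Hello public'}

# auth.get_user verifies the access token before the handler runs.
@app.get('/private')
async def private(user: Auth0User = Depends(auth.get_user)):
    return {'message': f'Hello {user.email}'}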