Auth0 provides a highly secure backend for storing and managing user data, along with features such as user registration, deletion, passwordless login, social login, and much more.

GeniePy uses this Auth0-based backend to provide secure user-management in your application.


User data is sensitive. As website owners, we should be careful about where and how this data is stored and kept safe.

Auth0 focuses on solving this problem and provides a way for your application to store user data with them in a secure manner. On top of this, they provide access to a ton of features such as registration, login / logout, deletion, and social login (e.g. logging in using Google, Facebook, etc.), which can be enabled in a few simple steps.

GeniePy ships with code that delegates all user-management features to Auth0.


Auth0 setup requires a few bits to be in place. Let's go through them one by one.

1. Sign up

The first step, of course, is to sign up for an Auth0 account.

2. Create a Tenant

Next, create a tenant in your account if you don't already have one. You would likely create separate tenants for different environments of your application (development, staging, production, etc.).

3. Create an Application

Next, create an application in your account. Make sure to select "Regular Web Applications" as the application type in the creation modal.

Next, configure callback URLs for the application you just created as shown in the following screenshot.

If you're developing locally, these URLs would start with "http://localhost:9001". For your production application deployment use your production domain name as the base URL instead.

4. Configure Management API

Finally, authorize the Auth0 Management API to be able to access the application you just created. This API should already be there after you created your account. We just need to add a little bit of configuration to it.

Visit "Applications -> APIs -> Auth0 Management API -> Machine to Machine Applications" and:

  1. check the "Authorized" checkbox against the application you created in the previous step, and
  2. expand the application and select (at least) the "user" permissions so this API can access the users.


As with everything else, GeniePy expects a few environment variables to be able to talk to Auth0.

  1. AUTH0_DOMAIN: domain for your application
  2. AUTH0_CLIENT_ID: client ID for your application
  3. AUTH0_CLIENT_SECRET: client secret for your application

You can copy the values of all these environment variables from the application settings. Visit "Dashboard -> Applications -> Application -> [Your Application] -> Settings".

That should be it! After you've gone through the setup and configuration steps above, restart your application and you should be able to work with users hosted on Auth0.


1. Enabling Staff users

It's often helpful to distinguish between the types of users accessing your application. For instance, your company's employees might need access to internal sections of your application which the regular end-users must not see.

GeniePy supports this use-case as well.

To mark a user as staff, visit "Dashboard -> User Management -> Users" and find the user you want to upgrade. Edit their app_metadata field to include the following:

    "is_staff": true

The next time they log in to your application, they'll be treated as staff users.
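
A strict way to read the `is_staff` flag described above, as an added example rather than GeniePy's own code. It assumes the user profile is a dict shaped like the user object the Auth0 Management API returns; the helper names `is_staff` and `require_staff` and the sample profiles are constructed for illustration.

```python
"""Added example: strict staff check against an Auth0 user profile."""
from __future__ import annotations

from collections.abc import Mapping
from typing import Any


def is_staff(profile: Mapping[str, Any]) -> bool:
    """Return True only when app_metadata.is_staff is the JSON boolean true.

    Only app_metadata is consulted: that is the field edited in the
    dashboard step above. user_metadata (intended for user-editable
    attributes) and top-level keys are deliberately ignored.
    """
    app_metadata = profile.get("app_metadata")
    if not isinstance(app_metadata, Mapping):
        return False  # missing or null app_metadata: deny by default
    # Identity check rejects truthy look-alikes such as "false", "true" or 1.
    return app_metadata.get("is_staff") is True


def require_staff(profile: Mapping[str, Any]) -> None:
    """Hypothetical guard for internal views: raise unless the user is staff."""
    if not is_staff(profile):
        raise PermissionError("staff access required")


# Constructed sample profiles (not real Auth0 output).
SAMPLES = {
    "staff": {"user_id": "auth0|example-1", "app_metadata": {"is_staff": True}},
    "regular": {"user_id": "auth0|example-2", "app_metadata": {}},
    "no_metadata": {"user_id": "auth0|example-3"},
    "null_metadata": {"user_id": "auth0|example-4", "app_metadata": None},
    # A non-empty string is truthy in Python, so bool() would grant access here.
    "string_flag": {"user_id": "auth0|example-5", "app_metadata": {"is_staff": "false"}},
    "int_flag": {"user_id": "auth0|example-6", "app_metadata": {"is_staff": 1}},
    "user_metadata_only": {"user_id": "auth0|example-7", "user_metadata": {"is_staff": True}},
    "top_level_only": {"user_id": "auth0|example-8", "is_staff": True},
}

if __name__ == "__main__":
    for name, profile in SAMPLES.items():
        print(f"{name:20} staff={is_staff(profile)}")
```

Only the first sample is treated as staff; every other profile is denied, including the ones that carry the flag in the wrong place or with the wrong type.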