Using Web3Auth with Auth0, initializing wallet after login

[cfern18]

The docs have this guide and this documentation on Auth0's website that outline the Web3Auth + Auth0 login model where the Auth0 login is tied directly to the Web3Auth wallet generation (see step 4 in the diagram below - the token flows directly from Auth0). This seems to be the case in both openlogin-adapter usage and with self-host.

Instead, is it possible to initialize the Web3Auth wallet after a user logs in via Auth0, by having my app pass the JWT back to Web3Auth? For context, we are trying to decouple the "login to our platform" and "create wallet" flows in our platform. Basically I want my app to be able to request the JWT back from Auth0 for the authenticated user and send to Web3Auth to initialize the wallet at some point in the user flow beyond login.

[ieow]

Step 4 mentioned is just passing idToken to web3auth sdk.
there is no software code tied between except passing in idToken

You however would need to configure the Auth0 at the dashboard ( configuration for authenticating Auth0 token)

[cfern18]

Got it - do you have an example of how this would be done? i.e. via which function do I pass the id_token back to the web3Auth SDK? I do not want to trigger a login prompt from the user (as they are already authenticated). Via the documentation I only see tkey.serviceProvider.triggerLogin() and web3Auth.connectTo(WALLET_ADAPTERS.OPENLOGIN, {}) - both of which in my understanding trigger a login popup.

[cfern18]

Hi @ieow - checking in on my comment above ^. Is it possible to submit the id_token to web3Auth without triggering a login modal? i.e. doing this at some arbitrary time post login

[ieow]

Sure, you will have to refer self-host solution here
https://web3auth.io/docs/self-hosting

[cfern18]

@ieow when looking at those docs, it outlines the process as such: "The login with the tKey SDK is a two step process. First, you need to trigger the login process by calling the triggerLogin() function of the Service Provider. Following which using the returned information, use the initialize() function of the tKey to generate the Threshold Key corresponding to the user."

How can I initialize wallet creation without having Web3Auth trigger an Auth0 login popup? i.e. I want to pass the pre-fetched Auth0 id_token directly back to Web3Auth via the tKey SDK without triggering any new popups / login prompts.

[ieow]

You would need to use custom-jwt where you will need to handle user login to obtain jwt which is pass to the triggerLogin().
refer this setup
https://web3auth.io/docs/custom-authentication/byo-jwt-providers
and this example
Web3Auth/web3auth-pnp-examples#83

[cfern18]

Thanks @ieow - I updated my code based on your example and am successfully passing the token, but am getting the following error during the triggerLogin() call: "Error occurred while verifying params could not verify identity". I've confirmed that the token is valid (fetched directly from Auth0; contains sub, iat, aud, kid in header). Have also confirmed it is the correct Auth0 clientId.

Only thing that looks different in my code is I don't have a service worker running and am using skipSw - does that have any effect on this?

[cfern18]

For context, here is code:

const triggerLogin = async () => {
    if (!tKey) {
      console.log('tKey not initialized yet');
      return;
    }
    // Initialization of Service Provider
    try {
      await (tKey.serviceProvider as any).init({
        skipSw: true,
      });
    } catch (error) {
      console.error('error initilizing service provider', error);
    }
    try {
      // Triggering Login using Service Provider
      const claims = await getIdTokenClaims();
      const idToken = claims?.__raw;
      const jwtParams = {
        id_token: idToken,
        verifierIdField: 'sub',
      };
      const loginResponse = await (tKey.serviceProvider as any).triggerLogin({
        typeOfLogin: 'jwt',
        verifier: 'mural-auth0-staging',
        clientId: clientId,
        jwtParams: jwtParams,
      });
      setUser(loginResponse.userInfo);
      // uiConsole('Public Key : ' + loginResponse.publicAddress);
      // uiConsole('Email : ' + loginResponse.userInfo.email);
    } catch (error) {
      console.error('got an error when calling triggerLogin', error);
    }
  };