🛠️ 開発・MCP コミュニティ

auth0-spa-js

Use when adding authentication to Vanilla JS, Svelte, or any framework-agnostic single-page applications - integrates @auth0/auth0-spa-js SDK for SPAs without framework-specific wrappers

⚡ おすすめ: コマンド1行でインストール(60秒)

下記のコマンドをコピーしてターミナル(Mac/Linux)または PowerShell(Windows)に貼り付けてください。ダウンロード → 解凍 → 配置まで全自動。

🍎 Mac / 🐧 Linux

mkdir -p ~/.claude/skills && cd ~/.claude/skills && curl -L -o auth0-spa-js.zip https://jpskill.com/download/23265.zip && unzip -o auth0-spa-js.zip && rm auth0-spa-js.zip

🪟 Windows (PowerShell)

$d = "$env:USERPROFILE\.claude\skills"; ni -Force -ItemType Directory $d | Out-Null; iwr https://jpskill.com/download/23265.zip -OutFile "$d\auth0-spa-js.zip"; Expand-Archive "$d\auth0-spa-js.zip" -DestinationPath $d -Force; ri "$d\auth0-spa-js.zip"

完了後、Claude Code を再起動 → 普通に「動画プロンプト作って」のように話しかけるだけで自動発動します。

💾 手動でダウンロードしたい(コマンドが難しい人向け)

1. 下の青いボタンを押して auth0-spa-js.zip をダウンロード
2. ZIPファイルをダブルクリックで解凍 → auth0-spa-js フォルダができる
3. そのフォルダを C:\Users\あなたの名前\.claude\skills\(Win)または ~/.claude/skills/(Mac)へ移動
4. Claude Code を再起動

⬇ .zip でダウンロード(推奨) ⬇ .skill 形式(上級者用) 元のソース ↗

⚠️ ダウンロード・利用は自己責任でお願いします。当サイトは内容・動作・安全性について責任を負いません。

🎯 このSkillでできること

下記の説明文を読むと、このSkillがあなたに何をしてくれるかが分かります。Claudeにこの分野の依頼をすると、自動で発動します。

📦 インストール方法 (3ステップ)

1. 上の「ダウンロード」ボタンを押して .skill ファイルを取得
2. ファイル名の拡張子を .skill から .zip に変えて展開(macは自動展開可)
3. 展開してできたフォルダを、ホームフォルダの .claude/skills/ に置く
- · macOS / Linux: ~/.claude/skills/
- · Windows: %USERPROFILE%\.claude\skills\

Claude Code を再起動すれば完了。「このSkillを使って…」と話しかけなくても、関連する依頼で自動的に呼び出されます。

詳しい使い方ガイドを見る →

最終更新: 2026-05-18
取得日時: 2026-05-18
同梱ファイル: 14

📖 Claude が読む原文 SKILL.md(中身を展開)

この本文は AI(Claude)が読むための原文(英語または中国語)です。日本語訳は順次追加中。

Auth0 SPA JS Integration

Add authentication to any browser-based single-page application using @auth0/auth0-spa-js — the low-level Auth0 SDK for Vanilla JS, Svelte, SolidJS, and any SPA not using React, Angular, or Vue.

Agent instruction: Before providing SDK setup instructions, fetch the latest release version by running:
gh api repos/auth0/auth0-spa-js/releases/latest --jq '.tag_name'
Use the returned version in all dependency lines instead of any hardcoded version below. If the command fails, fall back to checking https://github.com/auth0/auth0-spa-js/releases.

Prerequisites

Modern browser with ES2017+ support
npm or yarn (or use CDN for no-bundler apps)
Auth0 account with a Single Page Application configured
If you don't have Auth0 set up, see auth0-quickstart

When NOT to Use

React SPAs (hooks, Auth0Provider): Use auth0-react
Angular SPAs (AuthModule, AuthGuard): Use auth0-angular
Vue 3 SPAs (createAuth0, useAuth0): Use auth0-vue
Next.js (server-side sessions, App Router): Use auth0-nextjs
Nuxt (server-side SSR): Use auth0-nuxt
Express server-side web apps: Use auth0-express
React Native / Expo mobile apps: Use auth0-react-native

Quick Start Workflow

1. Install SDK

npm install @auth0/auth0-spa-js

Or via CDN (no bundler). Run this to get the latest version, then use it in your HTML:

VERSION=$(npm view @auth0/auth0-spa-js version)

<script src="https://cdn.auth0.com/js/auth0-spa-js/$VERSION/auth0-spa-js.production.js"></script>

2. Configure Auth0

For automated setup with Auth0 CLI, see Setup Guide for complete scripts.

For manual setup, create .env (Vite):

VITE_AUTH0_DOMAIN=your-tenant.auth0.com
VITE_AUTH0_CLIENT_ID=your-client-id

In Auth0 Dashboard, set for your Single Page Application:

Allowed Callback URLs: http://localhost:5173
Allowed Logout URLs: http://localhost:5173
Allowed Web Origins: http://localhost:5173

3. Initialize Auth0 Client

import { createAuth0Client } from '@auth0/auth0-spa-js';

const auth0 = await createAuth0Client({
  domain: import.meta.env.VITE_AUTH0_DOMAIN,
  clientId: import.meta.env.VITE_AUTH0_CLIENT_ID,
  authorizationParams: {
    redirect_uri: window.location.origin
  }
});

// Handle redirect callback after login
const query = new URLSearchParams(window.location.search);
if ((query.has('code') || query.has('error')) && query.has('state')) {
  await auth0.handleRedirectCallback();
  window.history.replaceState({}, document.title, window.location.pathname);
}

4. Add Login / Logout

Agent instruction: Before adding new UI elements, search the project for existing click handlers for login, logout, sign-in, or sign-out buttons. If existing handlers are found, hook the Auth0 code into them without modifying the existing UI. Only create new buttons if no existing handlers are found.

// Login
document.getElementById('login-btn').addEventListener('click', async () => {
  await auth0.loginWithRedirect();
});

// Logout
document.getElementById('logout-btn').addEventListener('click', () => {
  auth0.logout({
    logoutParams: { returnTo: window.location.origin }
  });
});

// Update UI based on auth state
const isAuthenticated = await auth0.isAuthenticated();
if (isAuthenticated) {
  const user = await auth0.getUser();
  console.log(user.name, user.email);
}

5. Get Access Tokens for API Calls

const accessToken = await auth0.getTokenSilently();

const response = await fetch('https://your-api.example.com/data', {
  headers: { Authorization: `Bearer ${accessToken}` }
});

6. Build & Verify

Agent instruction: After completing the integration, build the project to verify it compiles successfully:
npm run build
If the build fails, analyze the error output and fix the issues. Common integration build failures include:

Module not found: Missing npm install @auth0/auth0-spa-js — run the install command

Cannot find name 'import.meta': TypeScript target too low — set "target": "ES2020" or higher in tsconfig.json

createAuth0Client is not a function: Wrong import path or CDN usage without bundle step

Env vars undefined at runtime: Vite requires VITE_ prefix; webpack/CRA requires REACT_APP_ prefix

Re-run the build after each fix. Track the number of build-fix iterations.

Failcheck: If the build still fails after 5–6 fix attempts, stop and ask the user using AskUserQuestion: "The build is still failing after several fix attempts. How would you like to proceed?"

Let the skill continue fixing iteratively — continue the build-fix loop for another 5–6 attempts

Fix it manually — show the remaining errors and let the user resolve them

Skip build verification — proceed without a successful build

Detailed Documentation

Setup Guide — Automated setup scripts (Bash/PowerShell), Auth0 CLI commands, .env configuration, callback URL setup
Integration Patterns — Token management, calling APIs, refresh tokens, organizations, MFA, DPoP, error handling, advanced patterns
Testing & Reference — Configuration options, claims reference, testing checklist, common issues, security considerations

Common Mistakes

Mistake	Fix
Callback URL port mismatch (e.g., `localhost:3001` vs `localhost:5173`)	Match Allowed Callback URLs exactly to your dev server port in Auth0 Dashboard
`client_secret` in SPA code	SPAs must never have a client secret — remove it. Auth0 sets auth method to `None` for SPA apps
Tokens stored in `localStorage`	Use in-memory storage (default) or `sessionStorage`. Never `localStorage` — XSS risk
`getTokenSilently()` throws `login_required` on page refresh	Add your app origin to Allowed Web Origins in Auth0 Dashboard
`handleRedirectCallback()` not called after redirect	Must call after login redirect to exchange the auth code; without this the URL params persist and re-trigger
Domain includes `https://` prefix	Auth0 domain should be hostname only: `your-tenant.auth0.com`, not `https://your-tenant.auth0.com`
`loginWithPopup()` called from async init code	Popups must be triggered directly from a user gesture (click handler). Never call from init or page load code
Using `Auth0Provider` from `@auth0/auth0-react` in Vanilla JS	For Vanilla JS, use `createAuth0Client()` directly — no provider component needed

Related Skills

auth0-quickstart — Set up an Auth0 account and application
auth0-react — Auth0 for React SPAs with hooks
auth0-angular — Auth0 for Angular SPAs
auth0-vue — Auth0 for Vue 3 SPAs
auth0-mfa — Add Multi-Factor Authentication
auth0-cli — Manage Auth0 resources from the terminal

Quick Reference

Core Methods

Method	Description
`createAuth0Client(options)`	Create and initialize client (calls `checkSession` internally)
`new Auth0Client(options)`	Instantiate without auto session check
`auth0.loginWithRedirect(options?)`	Redirect to Auth0 Universal Login
`auth0.loginWithPopup(options?)`	Open Auth0 login in a popup
`auth0.logout(options?)`	Clear session and redirect
`auth0.handleRedirectCallback(url?)`	Process redirect result after login
`auth0.isAuthenticated()`	`Promise<boolean>`
`auth0.getUser()`	`Promise<User \\| undefined>`
`auth0.getTokenSilently(options?)`	`Promise<string>` — access token
`auth0.checkSession()`	Attempt silent re-authentication

Common Use Cases

Login/Logout → See Step 4 above
Protecting content → Integration Guide
API calls with tokens → Integration Guide
Refresh tokens → Integration Guide
Organizations → Integration Guide
MFA handling → Integration Guide
Error handling → Integration Guide

References

同梱ファイル

※ ZIPに含まれるファイル一覧。`SKILL.md` 本体に加え、参考資料・サンプル・スクリプトが入っている場合があります。

📄 SKILL.md (9,431 bytes)
📎 references/api.md (9,470 bytes)
📎 references/integration.md (10,839 bytes)
📎 references/setup.md (9,389 bytes)
📎 scripts/bootstrap.mjs (3,370 bytes)
📎 scripts/package.json (318 bytes)
📎 scripts/utils/auth0-api.mjs (623 bytes)
📎 scripts/utils/change-plan.mjs (191 bytes)
📎 scripts/utils/clients.mjs (1,195 bytes)
📎 scripts/utils/connections.mjs (2,515 bytes)
📎 scripts/utils/discovery.mjs (1,803 bytes)
📎 scripts/utils/env-writer.mjs (912 bytes)
📎 scripts/utils/helpers.mjs (767 bytes)
📎 scripts/utils/validation.mjs (3,579 bytes)