Skip to main content
This tutorial demonstrates how to use the nginx-openid-connect module to add authentication and authorization to your NGINX server. We recommend that you log in to follow this quickstart with examples configured for your account.
1
This tutorial and seed project have been tested with the following:
  • NGINX Plus R24
2
First, you need to install the nginx-plus-module-njs module for NGINX Plus.Follow the dynamic module installation guide to install packages in your host OS.For Linux distributions that use yum package manager, you can install the module like so:
sudo yum install nginx-plus-module-njs jq
Once you’ve installed it, you need to enable it for NGINX by adding the following line near the top of your /etc/nginx/nginx.conf file:
load_module modules/ngx_http_js_module.so;
3
Clone the nginx-openid-connect repository. This repository comes with a template configuration.
git clone https://github.com/nginxinc/nginx-openid-connect
4
Run the configure.sh script inside the nginx-openid-connect folder to populate the template configuration for your Auth0 application:
./configure.sh --auth_jwt_key request \
--client_id {yourClientId} \
--pkce_enable \
https://{yourDomain}/.well-known/openid-configuration
Next, add your tenant’s logout URL to your openid_connect_configuration.conf file.
5
Add the Accept-Encoding header and set the value to gzip in your openid_connect.server_conf file.
6
Copy your four configuration files to the conf.d folder.
sudo cp openid_connect.js \ 
frontend.conf \
openid_connect_configuration.conf \
openid_connect.server_conf /etc/nginx/conf.d
7
In the Auth0 Dashboard:
  1. Go to Applications > Applications, and then select your application from the list.
  2. Switch to the Settings view.
  3. In the Application URIs section, add https://{yourDomain}/_codexch to Allowed Callback URLs.
  4. Switch to the Credentials view.
In the Application Authentication section, set Authentication Method to None.
8
Add additional headers from the ID token (JWT) to the upstream target in your /etc/nginx/conf.d/frontend.conf file.

Next Steps

Excellent work! If you made it this far, you should now have login, logout, and user profile information running in your application.This concludes our quickstart tutorial, but there is so much more to explore. To learn more about what you can do with Auth0, check out:
  • Auth0 Dashboard - Learn how to configure and manage your Auth0 tenant and applications
  • Auth0 Marketplace - Discover integrations you can enable to extend Auth0’s functionality