If you have previous experience of working with third-party service providers, you might have noted that in order to use their services, you have to register an application in order to get some private keys that you will use to access your third-party provider's resource. The same happens with Auth0; we should first register an application and then use the keys generated to configure our apps.

On the dashboard page, go ahead and select the Applications menu and click on the CREATE CLIENT button:

After clicking on the CREATE CLIENT button, fill the following form with your application's name and select Single Page Application for the client type; then, click on CREATE:

Once we create the client, a new configuration page will be displayed. Navigate to the Settings tab and you will see the following configuration values:

• Name: The name of our application
• Domain: The domain you previously registered in the sign-up process
• Client ID: A unique ID that makes your application unique
• Client Secret: The secret value used to sign the JWT that Auth0 will generate
• Allowed Callback URL: The list of URL that Auth0 will redirect when the authentication is a success

That's it. Before we explore the application's code, let's start understanding how Auth0 manages authentication by analyzing the following diagram:

The flow begins when the User wants to log in to the application. You might have a kind of Navigation bar with a button that when clicked on will trigger a JavaScript function that will call an Auth0 JavaScript login function. Secondly, the user will be redirected to a built-in Auth0 Login Form and will have to enter their credentials to sign up. The credentials entered by the users are validated by Auth0; if the Auth0 finds a valid user with the provided credentials, it will generate a valid JWT that will be sent to the user/Aurelia app. This JWT will be used to access your backend resources. Remember that you can use the Client Secret property to decrypt the token in the backend.