Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[Auth0] Using Auth0 usernames instead of email addresses

See original GitHub issue

I noticed that appears to hardcode use of email address as the username when using Auth0. Is there a way to allow Auth0 USERNAME as the JupyterHub username? It would make my life a lot easier to not have usernames locked to email addresses.

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Reactions:1
  • Comments:5 (1 by maintainers)

github_iconTop GitHub Comments

JuanCabcommented, Aug 5, 2019

OK, I attempted to set up the generic Oauth authenticator, using the following settings (these are from TLJH config):

  type: oauthenticator.generic.GenericOAuthenticator
    client_id: [REMOVED]
    client_secret: [REMOVED]

and this just seems to generate a ERR_TOO_MANY_REDIRECTS in Chrome. 😦

I also, as a brute force approach, tried to edit my file and replaced 'name': resp_json["email”] with 'name': resp_json["username”] but that triggered a 500 Server error, the TLJH logs indicating that this is because

File "/opt/tljh/hub/lib/python3.6/site-packages/oauthenticator/", line 99, in authenticate
 'name': resp_json["username"],
 KeyError: 'username'

I would really appreciate if someone can find some way to use Auth0 usernames as the account names for JupyterHub.

jsjohnstonecommented, Nov 7, 2019

Writing this out after working through this myself…

You’ll need to check that your scope actually includes the username, and that auth0 is returning a username (which will depend on what you’re using to authenticate with auth0 itself). A scope defines what information will be returned about the user.

There are three ‘scopes’ available with auth0: openid, email and profile. It’s likely you’re using the first two and need to add ‘profile’ by specifying this in your

c.Auth0OAuthenticator.scope = ['openid', 'email', 'profile']

This will expose these fields in the auth0 userinfo response: name, family_name, given_name, middle_name, nickname, picture, and updated_at

From my brief testing with auth0’s built-in user database (as opposed to connecting to a third-party auth platform), the ‘username’ field appears to be exposed as ‘nickname’ in the /userinfo response:

{"sub": "auth0|12345", "nickname": "myusernamehere", "name": "", "picture": "", "updated_at": "2019-11-07T13:33:58.827Z", "email": "", "email_verified": false}

…and so, after including the ‘profile’ scope in, I could reference this username in by replacing email with ‘nickname’:

        return {
            'name': resp_json["nickname"],
            'auth_state': {
                'access_token': access_token,
                'auth0_user': resp_json,

If you’re using a different source for authentication (e.g. Active Directory, Google, Facebook), it’s possible you’ll need to do some playing to see if the username is exposed in the ‘profile’ scope, or if you need to expose it manually using auth0 rules (which is a whole other game).

To help see the actual response JupyterHub is getting from auth0, I found it easy to just dump this to a file by adding this code…

        with open('/home/jamie/auth0data.json', 'w') as f:
             json.dump(resp_json, f)


        # Determine who the logged in user is
        headers={"Accept": "application/json",
                 "User-Agent": "JupyterHub",
                 "Authorization": "Bearer {}".format(access_token)
	req = HTTPRequest("" % AUTH0_SUBDOMAIN,
        resp = await http_client.fetch(req)
        resp_json = json.loads(resp.body.decode('utf8', 'replace'))

…which just dumps the json response into a file in my home directory.

More reading:

Best of luck!

Read more comments on GitHub >

github_iconTop Results From Across the Web

Adding Username for Database Connections - Auth0
Adding Username for Database Connections. For database connections, you can have your users sign in with a username instead of their email address....
Read more >
Username set as email, how to change so that ID or Name ...
Hi Auth0 Fam,. With my current implementation of Auth0 it's using the users email as their username & firstname.
Read more >
Does Auth0 support non-email based login (phone number ...
Answer: Auth0 supports passwordless authentication with SMS, this method allows the user to sign in with a phone number instead of email.
Read more >
Nickname contains the beginning of the email address instead ...
Hi all, I have turned on the “requires username” switch in the database - Username-Password-Authentication settings. Auth0 indeed asks the ...
Read more >
Does Auth0 Support non-email based login like phone ...
JWT How to login with username or with phone and not with email? Does Auth0 support non-email based login (phone number, username)?. Using...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found