Skip to main content
Use Auth0 SDKs to fetch access tokens for social and enterprise identity providers from Auth0’s Token Vault. Using these access tokens, AI agents integrated with the application can call third-party APIs to perform tasks on the user’s behalf.

What you’ll learn

  • Retrieve access tokens for a Google social connection.
  • Integrate with an AI agent to call Google APIs.
Before getting started, make sure you have completed the following steps:
1

Create an Auth0 Account

To continue with this quickstart, you need to have an Auth0 account.
2

Create an Auth0 Application

Go to your Auth0 Dashboard to create a new Auth0 Application.
  • Navigate to Applications > Applications in the left sidebar.
  • Click the Create Application button in the top right.
  • In the pop-up select Regular Web Applications and click Create.
  • Once the Application is created, switch to the Settings tab.
  • Scroll down to the Application URIs section.
  • Set Allowed Callback URLs as: http://localhost:3000/auth/callback
  • Set Allowed Logout URLs as: http://localhost:3000
  • Click Save in the bottom right to save your changes.
3

OpenAI Platform

Set up an OpenAI account and API key.
  • https://mintlify.s3.us-west-1.amazonaws.com/auth0-genai-feat-add-diagrams-modal-with-steps/img/hono-light.svg Hono

Getting started using AI

To get started quickly:
Clone auth0-samples/auth0-ai-samples and navigate to auth0-ai-samples/call-apis-on-users-behalf/others-api/langchain-next-js directory.
Then, integrate Auth0 AI docs into your preferred AI tool:

  • VS Code
  • Cursor
  • Claude Code
  • Claude
Create a .vscode/mcp.json file and add:
{
  "servers": {
    "Auth0 for AI Agents": {
      "type": "http",
      "url": "https://auth0.com/ai/docs/mcp"
    }
  }
}
To learn more, read the VS Code documentation.

or Follow manual steps

1

Start from our Cloudflare Agents template

Our Auth0 Cloudflare Agents Starter Kit provides a starter project that includes the necessary dependencies and configuration to get you up and running quickly.To create a new Cloudflare Agents project using the template, run the following command in your terminal:
npx create-cloudflare@latest --template auth0-lab/cloudflare-agents-starter
2

About the dependencies

The start kit is similar to the Cloudflare Agents starter kit but includes the following dependencies to integrate with Auth0 and AI SDK:
  • hono: Hono Web Application framework.
  • @auth0/auth0-hono: Auth0 SDK for the Hono web framework.
  • hono-agents: Hono Agents to add intelligent, stateful AI agents to your Hono app.
  • @auth0/auth0-cloudflare-agents-api: Auth0 Cloudflare Agents API SDK to secure Cloudflare Agents using bearer tokens from Auth0.
  • @auth0/ai: Auth0 AI SDK to provide base abstractions for authentication and authorization in AI applications.
  • @auth0/ai-vercel: Auth0 AI SDK to provide building blocks for using Auth0 for AI Agents with the AI SDK.
  • @auth0/ai-cloudflare: Auth0 Cloudflare AI SDK to provide building blocks for using Auth0 for AI Agents with the Cloudflare Agents API.
You don’t need to install these dependencies manually; they are already included in the starter kit.
npm remove agents
npm install hono \
  @auth0/auth0-hono \
  hono-agents \
  @auth0/auth0-cloudflare-agents-api \
  @auth0/ai-cloudflare \
  @auth0/ai-vercel \
  @auth0/ai
3

Set up environment variables

In the root directory of your project, copy the .dev.vars.example into .dev.vars file and configure the Auth0 and OpenAI variables.
4

Define a tool to call your API

In this step, you’ll create a AI SDK tool to make the first-party API call to the Auth0 API. You will do the same for third-party APIs.After taking in an Auth0 access token during user login, the Cloudflare Worker sends the token to the Cloudflare Agent using the Authorization header in every web request or WebSocket connection.Since the Agent defined in the class Chat in src/agent/chat.ts uses the AuthAgent trait from the @auth0/auth0-cloudflare-agents-api it validates the signature of the token and that it matches the audience of the Agent.The tool we are defining here uses the same access token to call Auth0’s /userinfo endpoint.
src/agent/tools.ts
const getUserInfoTool = tool({
  description: "Get information about the current logged in user.",
  parameters: z.object({}),
  execute: async () => {
    const { agent } = getCurrentAgent<Chat>();
    const tokenSet = agent?.getCredentials();
    if (!tokenSet) {
      return "There is no user logged in.";
    }

    const response = await fetch(
      `https://${process.env.AUTH0_DOMAIN}/userinfo`,
      {
        headers: {
          Authorization: `Bearer ${tokenSet.access_token}`,
        },
      }
    );

    if (response.ok) {
      return { result: await response.json() };
    }

    return "I couldn't verify your identity";
  },
});
Then in the tools export of the src/agent/chat.ts file, add the getUserInfoTool to the tools array:
src/agent/chat.ts
export const tools = {
  // Your other tools...
  getUserInfoTool,
};
5

Test your application

To test the application, run npm run start and navigate to http://localhost:3000/ and interact with the AI agent. You can ask questions like “who am I?” to trigger the tool call and test whether it successfully retrieves information about the logged-in user.
User: who am I?
AI: It seems that there is no user currently logged in. If you need assistance with anything else, feel free to ask!

User: who am I?
AI: You are Juan Martinez. Here are your details: - .........
That’s it! You’ve successfully integrated first-party tool-calling into your project.Explore the start kit on GitHub.

Continue Learning

Call Your APIs on User's Behalf

With Auth0, your AI apps can securely call your APIs on behalf of authenticated users.

Call Other's APIs on User's Behalf

Token Vault lets your AI agent call external APIs on a user’s behalf.

How-Tos

Check Google Calendar Availability

Use OpenAI, NextJS, and the Auth0-AI SDKs to check your Google Calendar availability.

List GitHub Repositories

Use OpenAI, NextJS, and the Auth0-AI SDKs to list your GitHub repositores

List Slack Channels

Use OpenAI, NextJS, and the Auth0-AI SDKs to list your Slack channels