From d8f48cb12d20825bf484eba6ae3170e4001a7f15 Mon Sep 17 00:00:00 2001 From: denjell Date: Mon, 13 Jun 2016 09:23:19 +0200 Subject: [PATCH 1/5] Language style cleanup, minor spelling corrections & json correction in the README and some MD styling errors. --- PULL_REQUEST_TEMPLATE.md | 2 +- README.md | 46 ++++++++++++++++++++-------------------- STYLEGUIDE.md | 8 +++---- 3 files changed, 27 insertions(+), 29 deletions(-) diff --git a/PULL_REQUEST_TEMPLATE.md b/PULL_REQUEST_TEMPLATE.md index 23080fce65..cdfe10c9cc 100644 --- a/PULL_REQUEST_TEMPLATE.md +++ b/PULL_REQUEST_TEMPLATE.md @@ -1,6 +1,6 @@ ### Your checklist for this pull request -Please review the [guidelines for contributing](https://github.com/auth0/docs#contributing) to this repository. +Please review the [guidelines for contributing](https://github.com/auth0/docs#contributing) for this repository. - [ ] Content conforms to our [Contributing Guidelines](https://github.com/auth0/docs#contributing-guidelines) - [ ] If applicable, you have added details to the [update feed](https://github.com/auth0/docs/tree/master/updates) diff --git a/README.md b/README.md index 032dc69aca..432bd65634 100644 --- a/README.md +++ b/README.md @@ -7,8 +7,8 @@ This is the repository for the Auth0 documentation. * Always use absolute links from the root of the site. Note, that your links should NOT start with `/docs` or any other base path. If the site is hosted with a base like on `auth0.com/docs` the links will be corrected at runtime. * Do not hard code links to auth0 sites like `docs.auth0.com`, `manage.auth0.com`, etc. Use variables instead such as `${uiUrl}` * Name files with all lowercase using dashes (-) to separate words. If using a year in the file name it should be in the format YYYY-MM-DD. For example, `this-is-my-file.md` or `this-is-a-title-2015-10-01.md`. -* Do not store images in external locations like Dropbox, CloudUp, or the Auth0 CDN. Link to images in this repo using `![](/media/folder/image-name.png)`. The image will get automatically uploaded to the CDN and the link will be transformed. -* Try to keep images to no more than 750 pixels wide +* Do not store images in external locations like Dropbox, CloudUp, or the Auth0 CDN. Link to images in this repo using `![](/media/folder/image-name.png)`. The image will be automatically uploaded to the CDN and the link will be transformed. +* Please keep images less than 750 pixels wide * Run all images through [TinyPNG](https://tinypng.com/). ## Contributing @@ -16,15 +16,15 @@ This is the repository for the Auth0 documentation. ### Reusing content You can create document fragments that can be reused in other documents in order to avoid duplication of content. The process of including another document is shown below. -First, create your fragment document. The convention for this is to name fragments with an underscore like `_mydocument.md`. +First, create your document fragment. The convention for this is to name fragments with an underscore like `_mydocument.md`. -After you create your markdown document you can reference it another document with the relative path. +After you create your markdown document you can reference it another document with the relative path: ``` <%= include('../_mydocument.md') %> ``` -Additionally, you can send a context to the included document. +Additionally, you can send a context to the included document: ``` <%= include('../_mydocument.md', { key: 'value', something: true }) %> @@ -34,7 +34,7 @@ Additionally, you can send a context to the included document. Markdown on this site confirms to the [CommonMark spec](http://commonmark.org/). Additionally, there are a few special markdown features available as described below. #### Warning banner -You can add a warning banner to the top of a page to notify that a page is deprecated or other similar messages. +You can, for example, add a warning banner to the top of a page to notify the reader that a page is deprecated or to convey similar messages. ``` ::: warning-banner @@ -59,7 +59,7 @@ Panel content Panel content ::: -::: panel-danger This is a dangerous +::: panel-danger This is dangerous Panel content ::: @@ -69,7 +69,7 @@ Panel content ``` #### HTTP Request Snippets -You can add a [HAR request format](http://www.softwareishard.com/blog/har-12-spec/#request) snippet to make an example HTTP request availible in a variety of languages. This will generate a tab view showing how to make the HTTP request in many languages. +You can add a [HAR request format](http://www.softwareishard.com/blog/har-12-spec/#request) snippet to make an example HTTP request available in a variety of languages. This will generate a tab view showing how to make the HTTP request in many languages. > Note, you need to set the language type to `har` for this to work. View this raw markdown document for an example. @@ -105,11 +105,11 @@ You can add a [HAR request format](http://www.softwareishard.com/blog/har-12-spe ### Screenshots -On Mac OS X screenshots need to be taken with Chrome, taking into account the following: +On Mac OS X screenshots need to be made with Chrome, taking the following into account: 1. The browser cannot show any plugins, customizations, or bookmarks 1. The browser cannot be in incognito mode - 1. The browser needs to be resized to the standard size. Using the below script: + 1. The browser needs to be resized to the standard size. Using the following script: ```bash osascript -e 'tell application "Chrome" to set the bounds of the front window to {100, 150, 1200, 900}' @@ -127,15 +127,15 @@ On Mac OS X screenshots need to be taken with Chrome, taking into account the fo ## Test Procedures When testing a document or tutorial below are several areas to look for. -1. Ensure that the code in the tutorials is correct and functions as expected +1. Ensure that the code in the tutorials is correct and functions as expected. 1. Ensure that the steps (1..n) are in an order that makes sense and that there are no missing or duplicate steps. -1. Check for broken links -1. Check for old screenshots (both in auth0's dashboard/product and on referenced third-party sites) -1. Ensure that the code in the seed project that you download functions as expected -1. Check for outdated dependencies (both auth0 dependencies and third-party i.e. node modules, nuget packages, gems, etc.) +1. Check for broken links. +1. Check for old screenshots (both in auth0's dashboard/product and on referenced third-party sites). +1. Ensure that the code in the seed project that you download functions as expected. +1. Check for outdated dependencies (both auth0 dependencies and third-party i.e. node modules, nuget packages, gems, etc.). ## Review Apps -If you have access to the Auth0 heroku account, you can create a preview release for you pull requests. To do so, login to Heroku and open the `auth0-docs-content` pipeline. +If you have access to the Auth0 heroku account, you can create a preview release for your pull requests. To do so, login to Heroku and open the `auth0-docs-content` pipeline. 1. Next find the Review App for your pull request and click the "Create Review App" button. ![Create Review App](media/readme/create_review_app.png) @@ -218,9 +218,9 @@ All document content is accessible through the docs API as well as through regul To request a document in embedded format (i.e. no template html) to embed externally simply append `?e=1` to any url. -To request a document in the framed format (i.e. no header, footer, or naviation) to use in a window popup or an iframe simply append `?framed=1` to any url. +To request a document in the framed format (i.e. no header, footer, or navigation) to use in a window popup or an iframe simply append `?framed=1` to any url. -To request content in JSON or JSONP format simply pass the header `Accept: 'application/json'` and optionally specify a ``?callback=foo` query parameter for JSONP. +To request content in JSON or JSONP format simply pass the header `Accept: 'application/json'` and optionally specify a `?callback=foo` query parameter for JSONP. In the JSON or JSONP responses you can also request the document metadata by appending `?m=1` to the query. @@ -235,7 +235,7 @@ Response: { "title": "{title}", "content": "{
{code}
}", - "hash": "{hash}" + "hash": "{hash}", "additional_metadata": "" } ``` @@ -247,7 +247,7 @@ ${snippet('{hash}')} ``` ## Connections -Connections are available both through the API and to use in markdown docs. +Connections are available both through the API and for use in markdown docs. Access via API: @@ -284,7 +284,7 @@ When writing docs you can use the following variables instead of hard coding the | `auth0js_url` | The url to the auth0.js CDN location. | | | `auth0js_url_no_scheme` | The url to the auth0.js CDN location without the 'https:'. | | | `auth0_angular_url` | The url to the auth0 angular script CDN location. | | -| `auth0_angular_url_no_scheme` | The url to the auth0 angular script in the CDN location without the 'https://'. | | +| `auth0_angular_url_no_scheme` | The url to the auth0 angular script in the CDN location without the 'https://'. | | | `widget_url` | The url to the Lock script CDN location. | | | `widget_url_no_scheme` | The url to the Lock script CDN location without the 'https:'. | | | `lock_passwordless_url` | The url to the Passwordless Lock script CDN location. | | @@ -294,8 +294,8 @@ When writing docs you can use the following variables instead of hard coding the | Variable | Description | Default Value | | :--------------------- | :------------------------------------------------- | :------------------------------------- | -| `account.appName` | The name of the current Auth0 app. | `YOUR_APP_NAME' | -| `account.tenant` | The name of the current Auth0 tenant. | `YOUR_TENANT' | +| `account.appName` | The name of the current Auth0 app. | `YOUR_APP_NAME` | +| `account.tenant` | The name of the current Auth0 tenant. | `YOUR_TENANT` | | `account.namespace` | The name of the current Auth0 namespace. | `YOUR_NAMESPACE` | | `account.clientId` | The Client ID of the current Auth0 app. | `YOUR_CLIENT_ID` | | `account.clientSecret` | The Client Secret of the current Auth0 app. | `YOUR_CLIENT_SECRET` | diff --git a/STYLEGUIDE.md b/STYLEGUIDE.md index 94caee5184..e59345bfa4 100644 --- a/STYLEGUIDE.md +++ b/STYLEGUIDE.md @@ -1,7 +1,6 @@ # Auth0 Style Guide # -This style guide will cover the terminology and content specific to Auth0, along with some comments on common writing issues. -For general software-industry styles and terminology, see the [Microsoft Manual of Style](https://eucalyptus.atlassian.net/wiki/download/attachments/76611622/microsoft_manual_of_style_fourth_edition.pdf?version=2&modificationDate=1424379604164&api=v2). +This style guide will cover the terminology and content specific to Auth0, along with some comments on common writing issues. For general software-industry styles and terminology, see the [Microsoft Manual of Style](https://eucalyptus.atlassian.net/wiki/download/attachments/76611622/microsoft_manual_of_style_fourth_edition.pdf?version=2&modificationDate=1424379604164&api=v2). ## Voice @@ -27,14 +26,13 @@ Other commonly encountered compound words include server side and client side. T ## Punctuation Colons -Colons are useful when you are directly referring to an example, such as "here is the relevant code:" +Colons are useful when you are directly referring to an example, such as "Here is the relevant code:" Adjectives Hyphens are used between adjectives and the verb they modify if and only if the adjective does not end in "ly." Therefore, "commonly used adjectives" is not hyphenated, while "oft-quoted phrase" is. Punctuation and quotes -In American English, but not British English, punctuation properly belongs inside quotation marks. Therefore, if you incorporate a quote into a sentence, either within or at the end, such as our editor said "You must end quotations with periods inside the quotation marks," you would construct the quotation as you see here, with the comma inside the quotation marks. -If this becomes an issue when quoting code because the code does not include the punction mark in question, do not place the punctuation mark inside the quotes. +Punctuation belongs inside quotation marks in US American English, but not British English. Therefore, if you incorporate a quote within or at the end of a sentence, such as "You must end quotations with periods inside the quotation marks," you would construct the quotation as you see here, with the comma inside the quotation marks. If this becomes an issue when quoting code because the code does not include the punctuation mark in question, do not place the punctuation mark inside the quotes. ## Formatting Do not use block quote style for notes or warnings. It makes the note or warning too prominent. From 48f2dbcafe07a76f9fa38613581e3c68a77d3fc4 Mon Sep 17 00:00:00 2001 From: denjell Date: Mon, 13 Jun 2016 09:32:47 +0200 Subject: [PATCH 2/5] Update styleguide to introduce the avoidance of contractions. --- STYLEGUIDE.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/STYLEGUIDE.md b/STYLEGUIDE.md index e59345bfa4..b0b2598c88 100644 --- a/STYLEGUIDE.md +++ b/STYLEGUIDE.md @@ -14,6 +14,8 @@ Use of gerunds makes a statement more passive. To discuss actions the user must Abbreviations should be avoided. Avoid the use of e.g., for example. Instead, use "for example." The idea is to prevent the reader from having to stop and think about what you mean. It may seem like it just takes a second, but it is similar to tuning your web site performance. You want your site to perform quickly and smoothly. Similarly, you want your content to flow smoothly, uninterrupted by questions the reader must ask himself regarding your intentions. +Avoid contractions wherever possible. Contractions are generally used in spoken language and therefore carries a sense of informality or even laziness. + The use of should versus must and other ambivalent statements must be avoided. If something is required, be definite about it and tell the user it "must" be performed. ## Compound words @@ -35,4 +37,4 @@ Hyphens are used between adjectives and the verb they modify if and only if the Punctuation belongs inside quotation marks in US American English, but not British English. Therefore, if you incorporate a quote within or at the end of a sentence, such as "You must end quotations with periods inside the quotation marks," you would construct the quotation as you see here, with the comma inside the quotation marks. If this becomes an issue when quoting code because the code does not include the punctuation mark in question, do not place the punctuation mark inside the quotes. ## Formatting -Do not use block quote style for notes or warnings. It makes the note or warning too prominent. +Do not use block quote style for notes or warnings. This makes the note or warning too prominent. \ No newline at end of file From 758fd1a3cbf09fc0b32bc1192228124874a5bc01 Mon Sep 17 00:00:00 2001 From: denjell Date: Mon, 13 Jun 2016 09:40:27 +0200 Subject: [PATCH 3/5] Just a couple quick edits of seemingly important documents. - Code Indenting - Removal of contractions - modification of applications.md to better match the STYLEGUIDE --- articles/applications.md | 79 ++++++++++++++++++++-------------------- articles/overview.md | 8 ++-- 2 files changed, 44 insertions(+), 43 deletions(-) diff --git a/articles/applications.md b/articles/applications.md index 0fa1f376ac..269c93418c 100644 --- a/articles/applications.md +++ b/articles/applications.md @@ -1,12 +1,12 @@ # Core Concepts: Applications -An application is one of the core concepts in Auth0, which is why it's important to know how this relates to your applications and the impact this will have on auditing, authorization, billing, ... +An application is one of the core concepts in Auth0, which is why it is important to know how this relates to your applications and the impact this will have on auditing, authorization, billing, ... -> Depending on the concepts or technologies you're working with, an application might also be referred to as a **client** or a **relying party**. +> Depending on the concepts or technologies you are working with, an application might also be referred to as a **client** or a **relying party**. ## Applications in Auth0 -Let's start by looking at how applications are represented in Auth0 and how this relates to other core concepts like Connections and Rules. +We will start by looking at how applications are represented in Auth0 and how this relates to other core concepts like Connections and Rules. ### Settings @@ -14,13 +14,13 @@ Let's start by looking at how applications are represented in Auth0 and how this The application's settings contain the following information: -- **Name of the application**: Canonical name of your application which you'll see in the portal, emails, logs, ... +- **Name of the application**: Canonical name of your application that you will see in the portal, emails, logs, ... - **Client ID (read-only)**: This is the unique identifier for your application. This is the ID you'll use in your application when setting up authentication with Auth0. -- **Client Secret**: This secret will be used to sign and validate tokens which will be used in the different authentication flows. With this key your application will also be able to authenticate to some of the API endpoints (eg: to get an access token from an authorization code). +- **Client Secret**: This secret will be used to sign and validate tokens, which will be used in the different authentication flows. With this key your application will also be able to authenticate to some of the API endpoints (eg: to get an access token from an authorization code). - **Allowed Callback Urls**: One or more urls of your application to which Auth0 can redirect after the user has authenticated. -- **Allowed Origins (CORS)**: If you want to use the Auth0 API from within the browser you'll need to add the urls of the applications running your javascript code to prevent Same-origin policy errors. +- **Allowed Origins (CORS)**: If you want to use the Auth0 API from within the browser you will need to add the urls of the applications running your javascript code to prevent Same-origin policy errors. - **JWT Expiration**: The expiration in seconds of the access tokens that will be handed out by Auth0. -- **Use Auth0 instead of the IdP to do Single Sign On**: If this option is enabled Auth0 won't need to redirect users to the identity provider (Facebook, ADFS, ...) if the user has authenticated before and hasn't logged out or his session hasn't expired. +- **Use Auth0 instead of the IdP to do Single Sign On**: If this option is enabled Auth0 will not need to redirect users to the identity provider (Facebook, ADFS, ...) if the user has authenticated before and hasn't logged out or his session hasn't expired. ### Addons @@ -37,7 +37,7 @@ Addons are extensions associated with applications and are typically used in 2 d ![](/media/articles/applications/applications-connections-example.png) -On application level we are able to choose which connections are enabled, which is useful if an organization is building applications for different audiences. A timesheet application might be for employees only, so we'll want to restrict this to Active Directory authentication. But a customer facing application might have support for Google, Microsoft Accounts, different ADFS connections, ... +On the application level we are able to choose the connections to be enabled, which is useful if an organization is building applications for different audiences. A timesheet application might be for employees only, so we will want to restrict this to Active Directory authentication. But a customer facing application might have support for Google, Microsoft Accounts, different ADFS connections, ... ### Rules @@ -45,35 +45,36 @@ On application level we are able to choose which connections are enabled, which [Rules](/rules) are code snippets written in JavaScript that are executed as part of the authentication pipeline in Auth0. This happens every time a user authenticates to an application. Rules enable very powerful customizations and extensions to be easily added to Auth0. -In the context of a rule we also have access to the application the user is trying to reach which is useful if we want to apply coarse grained authorization policies for our applications (eg: only HR can access application X, application Y can only be accessed from the US, ...). Here's an [example of a rule](https://github.com/auth0/rules/blob/master/rules/simple-user-whitelist-for-app.md) where only the people in the whitelist are allowed to access the application: +In the context of a rule we also have access to the application the user is trying to reach, which is useful if we want to apply coarse grained authorization policies for our applications (eg: only HR can access application X, application Y can only be accessed from the US, ...). Here's an [example of a rule](https://github.com/auth0/rules/blob/master/rules/simple-user-whitelist-for-app.md) where only the people on the whitelist are allowed to access the application: ``` -function (user, context, callback) { - //we just care about NameOfTheAppWithWhiteList - //bypass this rule for every other app - if(context.clientName !== 'NameOfTheAppWithWhiteList'){ - return callback(null, user, context); + function (user, context, callback) { + //we just care about NameOfTheAppWithWhiteList + //bypass this rule for every other app + + if(context.clientName !== 'NameOfTheAppWithWhiteList'){ + return callback(null, user, context); + } + + var whitelist = [ 'user1@mail.com', 'user2@mail.com' ]; //authorized users + var userHasAccess = whitelist.some( + function (email) { + return email === user.email; + }); + + if (!userHasAccess) { + return callback(new UnauthorizedError('Access denied.')); + } + + callback(null, user, context); } - - var whitelist = [ 'user1@mail.com', 'user2@mail.com' ]; //authorized users - var userHasAccess = whitelist.some( - function (email) { - return email === user.email; - }); - - if (!userHasAccess) { - return callback(new UnauthorizedError('Access denied.')); - } - - callback(null, user, context); -} ``` ### Auditing ![](/media/articles/applications/applications-logs-auditing.png) -Whenever a user logs in to an application, a login fails, a user signs up, a password change is requested, ... these events are logged and can be downloaded using the API or can be accessed in the dashboard. These events contain information about the user (test@auth0.com), the connection (Username-Password-Authentication), the application (Default App) and in addition to that we also keep track of the date and time this event occured, the IP address of the user, the user agent (browser information) and the number of times the user logged in. +Events such as a user logs in to an application, a login fails, a user signs up, a password change is requested, ... are logged, can be downloaded using the API or can be accessed in the dashboard. These events contain information about the user (test@auth0.com), the connection (Username-Password-Authentication), the application (Default App) and in addition to that we also keep track of the date and time this event occurred, the IP address of the user, the user agent (browser information) and the number of times the user logged in. ### Cost @@ -83,7 +84,7 @@ In the following example we have 3 active social users for the month of February ![](/media/articles/applications/applications-single-app-active-users.png) -Next month John and Mary start using the company's collaboration application which means they'll also become active users for this second application. Which means that we'll have 5 active social users for the month of March: +Next month John and Mary start using the company's collaboration application which means they'll also become active users for this second application. This means that we will have 5 active social users for the month of March: * Todo List: 3 active users * Collaboration Application: 2 active users @@ -96,30 +97,30 @@ Next month John and Mary start using the company's collaboration application whi ![](/media/articles/applications/applications-traditional.png) -For your regular web application you'll simply create a new application in Auth0. +For your regular web application you will simply create a new application in Auth0. ### Mobile + Single Page Application + REST API ![](/media/articles/applications/applications-multiple-single-logical.png) -This example is an Timesheet application with a REST API hosted on one server, a Single Page application hosted on a different server and a few mobile apps running on different types of devices. From a technical point of view these are 5 applications (different language, deployment model, ...) but for Auth0 this is one and the same application. There's no need to create different applications because we don't want separate auditing (we just want to know who interacted with the REST api), we want to use the same connections in the different client applications, ... +This example is a Timesheet application with a REST API hosted on one server, a Single Page application hosted on a different server and a few mobile apps running on different types of devices. From a technical point of view these are 5 applications (different language, deployment model, ...) but for Auth0 this is one and the same application. There is no need to create different applications because we do not want separate auditing (we just want to know who interacted with the REST api), we want to use the same connections in the different client applications, ... ### Multiple Services and APIs ![](/media/articles/applications/applications-complex-same-app.png) -Here is an example of a decomposed application with several APIs and services. Depending on the requirements this might just be one application in Auth0. This is the easiest to implement but keep in mind that: +Here is an example of a decomposed application with several APIs and services. Depending on the requirements this might just be one application in Auth0. This is the easiest to implement, but keep in mind that: - * With a single token you'll be able to access all APIs - * The logs will show that a user has accessed the "Fabrikam Enterprise Portal" because we won't be able to make a distinction between APIs - * It won't be possible to write rules to control the flow between the applications + * With a single token you will be able to access all APIs. + * The logs will show that a user has accessed the "Fabrikam Enterprise Portal" because we will not be able to make a distinction between APIs. + * It will not be possible to write rules to control the flow between the applications. Now on the other hand, you could create different applications for the enterprise portal and the backing services. This will allow us to identify the different APIs and services giving you: - * Better auditing (you'll be able to see who accessed which service) - * The ability to apply fine-grained authorization for applications through rules (eg: only finance can access the invoices API) - * Support to control the flow of your application (eg: the Documents API is the only API that can call the Invoices API) + * Better auditing, because you will be able to see who accessed which service. + * The ability to apply fine-grained authorization for applications through rules (e.g. only finance can access the invoices API). + * Support to control the flow of your application (e.g. the Documents API is the only API that can call the Invoices API) -Keep in mind that users calling out to the different APIs will count as additional active users because they will be spanning multiple applications. Choosing between one application and different application will be a functionality vs. cost tradeoff. +Keep in mind that users calling out to the different APIs will count as additional active users because they will be spanning multiple applications. Choosing between one application and several distinct applications will be a functionality vs. cost tradeoff. ![](/media/articles/applications/applications-complex-different.png) diff --git a/articles/overview.md b/articles/overview.md index e6d4ffa61e..7bae052b74 100644 --- a/articles/overview.md +++ b/articles/overview.md @@ -4,7 +4,7 @@ Auth0 is a service that abstracts how users authenticate to applications. ![](https://docs.google.com/drawings/d/1yZhoSFzCaqUpYOYDSeGfJI_lUrZ2ApMqzHaeJ7lk5OU/pub?w=713&h=216) -You can connect any application (written in any language or on any stack) to Auth 0 and define its **Connection**, the method used to authenticate the users of that application: +You can connect any application (written in any language or on any stack) to Auth0 and define its **Connection**, the method used to authenticate the users of that application: * **Custom** credentials: username + passwords; * **Social** network logins: Google, Facebook, Twitter, and any OAuth2, OAuth1 or OpenID Connect provider; @@ -17,11 +17,11 @@ This video will give you a quick walkthrough of Auth0 and how it will help save <%= include('./videos/_video', { id: 's15ysw45uy' }) %> ## Integrating Your App -The default [protocol](/protocols) between your application(s) and Auth0 is **OpenID Connect**, a modern, lightweight, simple to use, and simple to integrate protocol. +The default [protocol](/protocols) between your application(s) and Auth0 is **OpenID Connect**, a protocol that is modern, lightweight, simple to use, and simple to integrate. Auth0 ships SDKs for all major platforms (.NET, Java, PHP, Python, node, iOS, and many more), but the use of Auth0 SDKs is not mandatory. -> Virtually anything able to send HTTPs requests can integrate with Auth0. +> Virtually anything able to send HTTPS requests can integrate with Auth0. Auth0 also supports other common identity protocols, such as WS-Federation and SAML. Applications that are already "claims enabled" can easily connect to Auth0. @@ -29,4 +29,4 @@ Auth0 also supports other common identity protocols, such as WS-Federation and S You can extend the functionality of Auth0 using any JavaScript or C# code through the use of [rules](/rules). Rules are custom functions that are executed just after successful authentication and before control returns to the app. They can be used for **Access Control**, **Webhooks**, **Profile Enrichment**, **Multi-factor Authentication**, and many other things. ## Flexible Deployment Models -Auth0 is a service usually running in the [public cloud](${uiURL}), but it can also be deployed in **Private Instances** (PI). PIs are dedicated installations of Auth0. You may choose to run PIs in Auth0's datacenters (which are separate from those that run the multi-tenant services), in your own cloud hosting environments (e.g. AWS, Azure, Rackspace, DigitalOcean), or even on-premises. Customers often opt for a hybrid model. For example, some use the cloud service for their **development** and **test* environments and a PI for their **production** environment. +Auth0 is a service usually running in the [public cloud](${uiURL}), but it can also be deployed in **Private Instances** (PI). PIs are dedicated installations of Auth0. You may choose to run PIs in Auth0's datacenters (which are separate from those that run the multi-tenant services), in your own cloud hosting environments (e.g. AWS, Azure, Rackspace, DigitalOcean), or even on-premises. Customers often opt for a hybrid model. For example, some use the cloud service for their **development** and **test** environments and a PI for their **production** environment. From f4d3a9b840b2d6ea29229782c8477476a5155aa3 Mon Sep 17 00:00:00 2001 From: denjell Date: Mon, 13 Jun 2016 09:48:57 +0200 Subject: [PATCH 4/5] Caught my own mistake. Good thing I check every line of my pull-requests! --- STYLEGUIDE.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/STYLEGUIDE.md b/STYLEGUIDE.md index b0b2598c88..8f8751cd72 100644 --- a/STYLEGUIDE.md +++ b/STYLEGUIDE.md @@ -14,7 +14,7 @@ Use of gerunds makes a statement more passive. To discuss actions the user must Abbreviations should be avoided. Avoid the use of e.g., for example. Instead, use "for example." The idea is to prevent the reader from having to stop and think about what you mean. It may seem like it just takes a second, but it is similar to tuning your web site performance. You want your site to perform quickly and smoothly. Similarly, you want your content to flow smoothly, uninterrupted by questions the reader must ask himself regarding your intentions. -Avoid contractions wherever possible. Contractions are generally used in spoken language and therefore carries a sense of informality or even laziness. +Avoid contractions wherever possible. Contractions are generally used in spoken language and therefore carry a sense of informality or even laziness. The use of should versus must and other ambivalent statements must be avoided. If something is required, be definite about it and tell the user it "must" be performed. From cbca2cace2f2232ada2ea9795e3678b4aed8a449 Mon Sep 17 00:00:00 2001 From: denjell Date: Mon, 13 Jun 2016 09:55:45 +0200 Subject: [PATCH 5/5] Caught my own mistake #2. Good thing I check every line of my pull-requests! --- articles/applications.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/articles/applications.md b/articles/applications.md index 269c93418c..fd581f41f4 100644 --- a/articles/applications.md +++ b/articles/applications.md @@ -78,13 +78,13 @@ Events such as a user logs in to an application, a login fails, a user signs up, ### Cost -The [pricing model](https://auth0.com/pricing) is based on the type of identity providers you're using, together with the number of active users and any additional features that have been enabled. Active users are users that authenticated in the last 30 days for **a given application**. We define an application as a client id and client secret pair, if multiple applications (say one on iOS and one on Android) share the same client id and client secret pair, they are a single app in this definition. +The [pricing model](https://auth0.com/pricing) is based on the type of identity providers you are using, together with the number of active users and any additional features that have been enabled. Active users are users that authenticated in the last 30 days for **a given application**. We define an application as a client id and client secret pair, if multiple applications (say one on iOS and one on Android) share the same client id and client secret pair, they are a single app in this definition. In the following example we have 3 active social users for the month of February: ![](/media/articles/applications/applications-single-app-active-users.png) -Next month John and Mary start using the company's collaboration application which means they'll also become active users for this second application. This means that we will have 5 active social users for the month of March: +Next month John and Mary start using the company's collaboration application, which means they will also become active users for this second application. This means that we will have 5 active social users for the month of March: * Todo List: 3 active users * Collaboration Application: 2 active users