Arengu Policy Acceptance

Arengu is a low-code platform that allows you to build UI components (forms) with custom logic (flow) that can be prompted in your sign-up or authentication flows based on your Auth0's rules.

This integration will cover use cases where you require your users to accept new terms, privacy policies or data disclosure forms the next time they log in.

This integration will require all your users to agree to a new terms of service hosted in Arengu.

Prerequisites

• An active Auth0 account (you can sign up for free here)
• An active Arengu account (you can sign up for free here)

Add the Auth0 Action

1. Select Add Integration (at the top of this page).
2. Read the necessary access requirements and click Continue.
3. Configure the integration using the following fields:

• Arengu Form URL: The URL that contains an embedded form or with a hosted form page
• Arengu Session Token: A long, random string

1. Click Create to add the integration to your Library.
2. Click the Add to flow link on the pop-up that appears.
3. Drag the Action into the desired location in the flow.
4. Click Apply Changes.

Building the user flow in Arengu

Go to the form editor and add the required fields. In this case, we will add a Legal field with our terms:

Arengu automatically prefills hidden fields with URL params values and, as we are receiving session_token and state parameters via URL, we will create two hidden fields with the same keys clicking on the eye icon:

Create and link a flow to the first step (same behaviour as Auth0 Actions but in Arengu) to execute custom logic when the user clicks on continue:

Go to the flow editor and start building the flow adding a Verify JSON web token:

Settings for this action:

• ID: change the ID to verifyJwt, this will simplify referencing the output information of this flow action.
• Token: add {{input.body.session_token}} to reference the session_token parameter we are receiving from the form.
• Secret or private key: add the Arengu Session Token used above.
• Issuer: add the host from where you will receive the requests (eg. 'https://arengu.eu.auth0.com/`).

1. Add an If/then condition that we will use to perform conditional logic if the JWT is valid or not.

Settings for this action:

• Condition: add {{verifyJwt.valid}} to the first input and choose is true as evaluation criteria.

In case the JWT validations fails (eg. wrong settings, expired JWT, altered JWT, etc), you can add a custom error message using the Show error message action in the False branch

Add a Sign JSON web token action to the True branch to sign the provided user information.

Settings for this action:

• ID: change the ID to signJwt, this will simplify referencing the output information of this flow action.
• Algorithm: choose HS256.
• Secret or private key: add the Arengu Session Token used above.
• Issuer: add the host from where you will receive the requests (eg. 'https://arengu.eu.auth0.com/`).
• Subject: add {{verifyJwt.payload.sub}} to reference the verified sub of the Verify JSON web token output.
• Expires in: add a short expiration time (eg. 15-30 seconds) to avoid replay attacks.
• Payload: we will add our custom claims inside the other property:

{
  "other": {
    "terms_accepted": true
  },
  "state": "{{input.body.state}}"
}

Let's finish this flow redirecting the user to the Auth0 /continue endpoint with the state and signed token in the URL param adding the Submit the form action:

Settings for this action:

• Redirect to URL: enable it and add https://YOUR_TENANT_SUBDOMAIN.auth0.com/continue?state={{input.body.state}}&session_token={{signToken.token}} to redirect using the state parameter we've received in the form, and the token parameter we've generated in the previous flow action.