Skip to main content
Let your AI agent call your APIs on behalf of the authenticated user using access tokens securely issued by Auth0. Your API can be any API that you have configured in Auth0. By the end of this quickstart, you should have an AI application integrated with Auth0 that can:
  • Get an Auth0 access token.
  • Use the Auth0 access token to make a tool call to your API endpoint, in this case, Auth0’s /userinfo endpoint.
  • Return the data to the user via an AI agent.

Pick your tech stack

  • Hono

Prerequisites

Before getting started, make sure you have completed the following steps:
1

Create an Auth0 Account

To continue with this quickstart, you need to have an Auth0 account.
2

Create an Auth0 Application

Go to your Auth0 Dashboard to create a new Auth0 Application.
  • Navigate to Applications > Applications in the left sidebar.
  • Click the Create Application button in the top right.
  • In the pop-up select Regular Web Applications and click Create.
  • Once the Application is created, switch to the Settings tab.
  • Scroll down to the Application URIs section.
  • Set Allowed Callback URLs as: http://localhost:3000/auth/callback
  • Set Allowed Logout URLs as: http://localhost:3000
  • Click Save in the bottom right to save your changes.
To learn more about Auth0 applications, read Applications.
3

OpenAI Platform

Set up an OpenAI account and API key.

Start from our Cloudflare Agents template

Our Auth0 Cloudflare Agents Starter Kit provides a starter project that includes the necessary dependencies and configuration to get you up and running quickly.To create a new Cloudflare Agents project using the template, run the following command in your terminal:
npx create-cloudflare@latest --template auth0-lab/cloudflare-agents-starter

About the dependencies

The start kit is similar to the Cloudflare Agents starter kit but includes the following dependencies to integrate with Auth0 and Vercel AI:
  • hono: Hono Web Application framework.
  • @auth0/auth0-hono: Auth0 SDK for the Hono web framework.
  • hono-agents: Hono Agents to add intelligent, stateful AI agents to your Hono app.
  • @auth0/auth0-cloudflare-agents-api: Auth0 Cloudflare Agents API SDK to secure Cloudflare Agents using bearer tokens from Auth0.
  • @auth0/ai: Auth0 AI SDK to provide base abstractions for authentication and authorization in AI applications.
  • @auth0/ai-vercel: Auth0 Vercel AI SDK to provide building blocks for using Auth for GenAI with the Vercel AI SDK.
  • @auth0/ai-cloudflare: Auth0 Cloudflare AI SDK to provide building blocks for using Auth for GenAI with the Cloudflare Agents API.
You don’t need to install these dependencies manually; they are already included in the starter kit.
npm remove agents
npm install hono \
  @auth0/auth0-hono \
  hono-agents \
  @auth0/auth0-cloudflare-agents-api \
  @auth0/ai-cloudflare \
  @auth0/ai-vercel \
  @auth0/ai

Set up environment variables

In the root directory of your project, copy the .dev.vars.example into .dev.vars file and configure the Auth0 and OpenAI variables.

Define a tool to call your API

In this step, you’ll create a Vercel AI tool to make the first-party API call to the Auth0 API. You will do the same for third-party APIs.After taking in an Auth0 access token during user login, the Cloudflare Worker sends the token to the Cloudflare Agent using the Authorization header in every web request or WebSocket connection.Since the Agent defined in the class Chat in src/agent/chat.ts uses the AuthAgent trait from the @auth0/auth0-cloudflare-agents-api it validates the signature of the token and that it matches the audience of the Agent.The tool we are defining here uses the same access token to call Auth0’s /userinfo endpoint.
src/agent/tools.ts
const getUserInfoTool = tool({
  description: "Get information about the current logged in user.",
  parameters: z.object({}),
  execute: async () => {
    const { agent } = getCurrentAgent<Chat>();
    const tokenSet = agent?.getCredentials();
    if (!tokenSet) {
      return "There is no user logged in.";
    }

    const response = await fetch(
      `https://${process.env.AUTH0_DOMAIN}/userinfo`,
      {
        headers: {
          Authorization: `Bearer ${tokenSet.access_token}`,
        },
      }
    );

    if (response.ok) {
      return { result: await response.json() };
    }

    return "I couldn't verify your identity";
  },
});
Then in the tools export of the src/agent/chat.ts file, add the getUserInfoTool to the tools array:
src/agent/chat.ts
export const tools = {
  // Your other tools...
  getUserInfoTool,
};

Test your application

To test the application, run npm run start and navigate to http://localhost:3000/ and interact with the AI agent. You can ask questions like “who am I?” to trigger the tool call and test whether it successfully retrieves information about the logged-in user.
User: who am I?
AI: It seems that there is no user currently logged in. If you need assistance with anything else, feel free to ask!

User: who am I?
AI: You are Juan Martinez. Here are your details: - .........
That’s it! You’ve successfully integrated first-party tool-calling into your project.Explore the start kit on GitHub.

Next steps