You'll need to collect a few items from your Auth0 application and add some information. This next bit will end with you having all of the information you need to set up an Auth0-protected Data Provider for your Spaces.
**Please, note that your ClientSecret is very sensitive and should not be publicly exposed**
From your Auth0 dashboard, find the left nav. Therein, click "Applications" and then the second link labelled "Applications." In the "Basic Information" section, copy the Client ID and Client Secret and store them for later use.
In the same settings menu, scroll to the bottom and click the carat in the "Advanced Settings" CTA.
From there, you'll click "Endpoints" and then copy the OAuth Authorization URL and the OAuth Token URL and paste them somewhere you'll be able to find them later.
Back in Internal, navigate to Company Settings. Click "Authorization Providers," and then click "Add Authorization Provider."
In the resulting popup, select "OAuth 2.0" and enter a name for your Auth Provider.
Next, add the information we took from your Auth0 application earlier.
Depending on your Auth0 settings and your application settings, you may want to provide scope for the authorization token that we will use with your Internal function. In most cases, your application will have scopes enabled for authorization. It is important in this step to include those scopes or the function may not work.
IMPORTANT NOTE: "offline_access" is required for automatic token refreshes.
Here, we've defined "offline_access" as one scope for the token. "offline_access" is a scope which allows for the refreshing of access tokens. This scope must be added to the Authorization Provider settings and enabled in Auth0 if you wish to allow token refreshes. This keeps your end users from having to log in repeatedly within a single browser session.
Some very common scopes for OAuth 2.0 are "openid profile email offline_access" Check to ensure which of these scopes your application requires.
If you've no scopes to add -- or you've already added them -- click "Save."
If you'd like to edit the authorization provider settings, click the application name from the "Authorization Providers" menu and a menu will appear.
Navigate to the editor for the function whose output you'd like to shield from prying eyes and click the "Auth" tab.
Then, select the dropdown called "Auth Provider" which corresponds to the Environment in which the Space you wish to protect resides.
Navigate to the Space which you're attempting to protect. If you see an authorization CTA, congratulations, you've done it. Your function (and any Space which uses it) is now protected by your Auth0 authorization application!
All that remains is to authorize, and the Space will be wholly viewable.
Enjoy your protected Space!