PlusAuth lets you customize every view served by it. Go to Dashboard > Customization > Views .
There is no limitation in views, you can write any HTML/CSS/JS as long as you make the required requests to PlusAuth. You can have a look to Web API for the corresponding requests to each page.
Default views are rendered by using our widget library . It is highly customizable and could help you to build your own custom views without too much effort.
Functionality of previews will be limited. For example, you cannot sign in or register from the preview.
View Context Parameters
For your business requirements you will need to access to some parameters in views such as authorization parameters, client details, connection name, some view related settings etc. PlusAuth provides a context object for such purposes.
You can access to context object from your views by calling PlusAuth
global object or more specifically window.PlusAuth
.
Here is an example context object:
{ "client": { "applicationType": "web", "clientName": "My Client Name", "logoUri": "https://mycdn.example/logo.png", "social": [ { "name": "github", "provider": "github", "branding": { "logo_url": "data:image/svg+xml;base64,...", "display_name": "GitHub", "show_in_login": true } }, { "name": "google", "provider": "google", "branding": {} } ] }, "connection": { "name": "plusauth", "type": "plusauth" }, "details": {}, "params": { "audience": "uri:my-resource", "client_id": "<<CLIENT_ID>>", "nonce": "<<SOME_RANDOM_VALUE>>", "redirect_uri": "https://myapplication.example/callback", "response_mode": "fragment", "response_type": "code", "scope": "openid profile email scope1 scope2", "state": "<<SOME_RANDOM_VALUE>>" }, "prompt": { "name": "login" }, "settings": { "auto_sign_in": true, "forgot_password_enabled": true, "password_policy": { "max": 64, "min": 4 }, "register_enabled": true, "tenant_login_url": "https://myapplication.example/start-login", "welcome_emails_enabled": false }}
Tips for Writing Custom PlusAuth Views
Below are a few practices and recommendations to help you build custom views.
Use the PlusAuth Web API
Always use the official Web API to interact with the platform.
Implement Proper Error States
Handle all possible outcomes, including failed logins, expired sessions, and invalid redirect URIs. Provide user-friendly messages while avoiding disclosure of sensitive details (e.g., "invalid credentials” instead of "wrong password for john@example.com”).
Use CDN for Asset Delivery
Serve your custom assets (images, fonts, libraries, etc.) by using a CDN such as Cloudflare or Amazon CloudFront or your own static asset server.
Test on All Flows
Custom views may be used in multiple contexts — login, signup, MFA, password reset, and consent. Always test each flow to confirm redirect and token exchange behavior work as expected.