votingworks / arlo

GNU Affero General Public License v3.0

Document Auth0 configuration steps for tenants, apps etc. #657

Open nealmcb opened 4 years ago

nealmcb commented 4 years ago

Arlo now relies exclusively on https://auth0.com/ for login and authentication. Setting up a tenant, configuring its Auth0 Dashboard, connecting it with the application, etc. are tricky but important steps. They need to be documented.

#656 is a start.

These steps should be included (and corrected if necessary):

What is the relationship between an "organization" as documented in the README and a "Jurisdiction" like a county within a State, and a "Jurisdiction" as listed in a jurisdiction_filesheet.csv as uploaded by an Arlo administrator?

Do the email addresses used in create-admin have to match tenant Auth0 ids, or are the generated UUIDs used when matching somehow or what?

For testing purposes, can the same email address and/or Auth0 tenant be both an Arlo admin and a Jurisdiction admin?

More config is evidently necessary to get around the 404 Not Found errors I'm getting when I click on Log in as a Jurisdiction Admin and get to http://localhost:3000/authorize?response_type=code&client_id=&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Fju..

benadida commented 4 years ago

@nealmcb Auth0 is not required, just any OAuth server is. Auth0 is a good one, though. I wouldn't want to add Auth0-specific documentation to this repository when Auth0 does a fine job of explaining their own product.

Agreed that we could use more documentation on what needs to be configured, though it may take us a little bit of time to get to it.