It's been a few years now and it's a bit hazy ... but I only wanted to use the authentication feature and had no need for fine-grained control over who could call which API methods. You either authenticated into the app, or not. I was led into all these configuration screens to register API details that I had no interest in (that's what I thought). I was also interested in server-side authentication and making a custom sign-in screen (not their drop-in simple one) and I couldn't understand the documentation.
I guess I was either attempting to "misuse" Auth0 or I had incorrect preconceptions or how it was supposed to work. In any case, it was wasting too much time and it dropped off the bottom of the priority list. Now that SSO has reared its head again, I might look at Auth0 again and try to get into their mindset. *Greg* >
