Hi, I’m looking to use Auth0 as an authorizer for my AWS gateway.
I would like my clients to be able to log in to Auth0 through an interface; if this is successful, it will generate and display a token to them.
My clients would then be able to use this token as a header when they call my AWS gateway; the gateway will then authenticate this token and provide access to my AWS API.
Is this possible with Auth0? I can’t see an obvious way to do this in the documentation.
There are many JWT libraries that will allow you to validate a token. If you were to use node.js in your Lambda, you could use this library that we manage:
What do you mean by clients ? We typically say clients when we are talking about applications. Are you talking about your customers or applications?
By clients I mean customers. I have an API service on AWS, which multiple different customers need access to. However, I want to add authentication to this API with tokens. Therefore my clients need to be able to generate a token for my API which they can then use when they call my API.
Are you aware that tokens expire? Your customer will have to replace the token after expiration. They aren’t going to act the same way as an API key that is valid until it is revoked.
Instead, you may want to consider issuing a set of client credentials to your customer. This is like a username/password for an application, and allows the application to request a new token whenever it is going to call your API. How many customers do you expect to be using your API?
Yes I’m aware that they expire. I was hoping to use refresh tokens to manage this but sounds like that’s not possible.
Client credentials would definitely be another valid option. How do I create client credentials for each customer? Do I have to have a new Auth0 application for each customer or can one application support multiple customers?
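For the token check at the gateway discussed earlier in this thread, the following is an added example (not part of the thread, and not the library the reply refers to) of a Node.js Lambda TOKEN authorizer that verifies an RS256 JWT and expires it like any other token. `ISSUER`, `AUDIENCE` and the locally generated key pair are constructed placeholders; a deployed authorizer would load the issuer's published signing key instead.

```javascript
// Added example: RS256 JWT check for an API Gateway Lambda TOKEN authorizer.
// ISSUER, AUDIENCE and the key pair below are constructed placeholders.
const crypto = require('crypto');

const ISSUER = 'https://example-tenant.invalid/';   // placeholder issuer
const AUDIENCE = 'https://api.example.invalid';     // placeholder API identifier
// Stand-in for the issuer's published signing key (assumption for offline use).
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

const b64url = (buf) => Buffer.from(buf).toString('base64url');

// Sample-data helper only: mints a token the way an issuer would.
function signToken(claims, alg = 'RS256') {
  const head = b64url(JSON.stringify({ alg, typ: 'JWT' }));
  const body = b64url(JSON.stringify(claims));
  const sig = crypto.sign('sha256', Buffer.from(`${head}.${body}`), privateKey);
  return `${head}.${body}.${b64url(sig)}`;
}

function verifyToken(token, key, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [head, body, sig] = parts;
  const header = JSON.parse(Buffer.from(head, 'base64url'));
  // Pin the algorithm: the token must not be allowed to pick "none" or HS256.
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const ok = crypto.verify('sha256', Buffer.from(`${head}.${body}`), key, Buffer.from(sig, 'base64url'));
  if (!ok) throw new Error('bad signature');
  const claims = JSON.parse(Buffer.from(body, 'base64url'));
  if (claims.iss !== ISSUER) throw new Error('wrong issuer');
  const aud = [].concat(claims.aud); // aud may be a string or an array
  if (!aud.includes(AUDIENCE)) throw new Error('wrong audience');
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('expired');
  return claims;
}

// TOKEN authorizer entry point: event.authorizationToken carries "Bearer <jwt>".
function authorize(event, key = publicKey) {
  let effect = 'Deny', principalId = 'anonymous';
  try {
    const m = /^Bearer (.+)$/.exec(event.authorizationToken || '');
    if (!m) throw new Error('missing bearer token');
    principalId = verifyToken(m[1], key).sub;
    effect = 'Allow';
  } catch (err) { /* any failure leaves effect at Deny */ }
  return { principalId, policyDocument: { Version: '2012-10-17',
    Statement: [{ Action: 'execute-api:Invoke', Effect: effect, Resource: event.methodArn }] } };
}
```

In a Lambda deployment, `authorize` would be called from the exported handler, with the key obtained from the issuer rather than generated locally.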