AWS Lambda M2M OAuth

Hey there,

I have multiple AWS Lambdas that need secure access to my backend API protected by Auth0.

From what I understand, I need to create an M2M Application for them in Auth0, and use the M2M grant client flow from OAuth to get an access token so that I can securely consume my backend API from AWS Lambda.

Is it a bad idea to get a new access token for every invocation of a given lambda?

Or do I need to set up a more complex architecture where I store the access token and refresh the token in a database, and refresh the token when needed?

What’s the recommended approach here?

Hi @Kada,

M2M tokens destined for a custom API are subject to the M2M token quota (this excludes Auth0 Management API tokens, for example). You can see quotas in the dashboard or on our pricing page.

As a result, you will want to make efficient use of the Access Tokens in your serverless functions and generally do not want to request a new token if not necessary.

Storing and refreshing the token when it returns expired is the usual approach. Here’s some discussion on it: aws api gateway - Aws Lambda - how to persist valid tokens for use with other invocations - Stack Overflow

Hope this helps!

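The store-and-refresh approach from the answer above, as an added Python sketch that is not from the thread or from Auth0: the token is cached in module scope, which persists across invocations of a warm Lambda container, and is re-requested only near expiry or after the API answers 401. The names `TOKEN_CACHE`, `request_token`, `get_token`, `call_api` and the 60-second skew are assumptions; the token request is the standard client credentials grant against the tenant's `/oauth/token` endpoint.

```python
import json
import time
import urllib.parse
import urllib.request

# Module scope is kept between invocations while the Lambda container stays warm.
TOKEN_CACHE = {"token": None, "expires_at": 0.0}
SKEW_SECONDS = 60  # assumed margin: refresh early so a token never expires mid-request


def request_token(domain, client_id, client_secret, audience):
    """Client credentials grant; each call counts against the M2M token quota."""
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,  # load from a secret store, never hard-code
        "audience": audience,
    }).encode()
    req = urllib.request.Request(f"https://{domain}/oauth/token", data=body)
    with urllib.request.urlopen(req, timeout=5) as resp:
        return json.load(resp)  # contains access_token and expires_in


def get_token(fetch, now=time.time, force=False):
    """Return the cached token; call fetch() only if missing, near expiry, or forced."""
    stale = now() >= TOKEN_CACHE["expires_at"] - SKEW_SECONDS
    if force or TOKEN_CACHE["token"] is None or stale:
        data = fetch()
        TOKEN_CACHE["token"] = data["access_token"]
        TOKEN_CACHE["expires_at"] = now() + int(data["expires_in"])
    return TOKEN_CACHE["token"]


def call_api(send, fetch, now=time.time):
    """send(token) -> (status, body). On 401, refresh once and retry."""
    status, body = send(get_token(fetch, now))
    if status == 401:  # token rejected (expired or revoked): get a new one
        status, body = send(get_token(fetch, now, force=True))
    return status, body
```

In a handler, `fetch` would be a closure over `request_token` with the function's configuration. Each concurrent container holds its own cached token, so token requests scale with cold starts rather than with invocations.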