So, I created a single-page application on Auth0 and integrated it with my Angular front end. This worked perfectly, and users could log in to my application using Auth0. I however wanted to set up roles/permissions, so I created a custom API in Auth0. I have connected this API to my Python backend and have tested it in Postman.
My Angular application was already using a Python API to perform GET/POST/PUT/DELETE requests.
I integrated my Python API with my Auth0 API using:
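```python
import json
from urllib.request import urlopen

# Assumption: Flask backend (the post uses port 5000), hence flask_oauth2.
from authlib.integrations.flask_oauth2 import ResourceProtector
from authlib.jose.rfc7517.jwk import JsonWebKey
from authlib.oauth2.rfc7523 import JWTBearerTokenValidator


class Auth0JWTBearerTokenValidator(JWTBearerTokenValidator):
    def __init__(self, domain, audience):
        issuer = f"https://{domain}/"
        # Fetch the tenant's public signing keys (JWKS) to verify signatures.
        jsonurl = urlopen(f"{issuer}.well-known/jwks.json")
        public_key = JsonWebKey.import_key_set(
            json.loads(jsonurl.read())
        )
        super(Auth0JWTBearerTokenValidator, self).__init__(
            public_key
        )
        # Reject tokens that are expired or have the wrong audience or issuer.
        self.claims_options = {
            "exp": {"essential": True},
            "aud": {"essential": True, "value": audience},
            "iss": {"essential": True, "value": issuer},
        }


require_auth = ResourceProtector()
validator = Auth0JWTBearerTokenValidator(
    "example",
    "example"
)
require_auth.register_token_validator(validator)
```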
I am unsure however how to integrate my Auth0 single-page application with my Auth0 custom API via Angular. I tried by adding ‘audience’ to my authModule.route, as seen below:
```typescript
AuthModule.forRoot({
  domain: 'example',
  clientId: 'example',
  audience: 'http://localhost:5000',
  authorizationParams: {
    redirect_uri: 'http://localhost:4200',
  },
})
```
I have assigned users certain permissions, but when I try to execute API requests as an admin user via my frontend application I am now getting 401 errors, so I don’t believe my application is integrated with my API. Any help would be greatly appreciated!
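
A way to narrow down a 401 like the one described above, as an added example that is not part of the original post: decode the access token the front end actually sends and check the same three claims the validator marks essential (`aud`, `iss`, `exp`). The function names, the sample tokens and the use of `http://localhost:5000` as the API identifier are assumptions made for the illustration.

```python
import base64
import json
import time


def _b64url_json(segment):
    """Decode one base64url JWT segment into a Python object."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def diagnose_access_token(token, audience, issuer, now=None):
    """List why the validator's claims_options would reject `token`.
    Debugging aid only: the signature is NOT verified here."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return ["not a three-part signed JWT"]
    try:
        claims = _b64url_json(parts[1])
    except ValueError:  # bad base64, bad UTF-8 or bad JSON
        return ["payload is not base64url-encoded JSON"]
    if not isinstance(claims, dict):
        return ["payload is not a JSON object"]
    problems = []
    aud = claims.get("aud")  # may be a single string or a list of strings
    if audience not in (aud if isinstance(aud, list) else [aud]):
        problems.append(f"aud {aud!r} does not include {audience!r}")
    if claims.get("iss") != issuer:
        problems.append(f"iss {claims.get('iss')!r} != {issuer!r}")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append(f"exp {exp!r} is missing or in the past")
    return problems


def make_sample(claims):
    """Build an unsigned, constructed sample token (demo input only)."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256"}), enc(claims), "c2ln"])


ISSUER = "https://example/"         # f"https://{domain}/" with the post's placeholder domain
AUDIENCE = "http://localhost:5000"  # assumption: API identifier, from the Angular config
for name, tok in [("good", make_sample({"iss": ISSUER, "aud": [AUDIENCE], "exp": 2_000_000_000})),
                  ("wrong aud", make_sample({"iss": ISSUER, "aud": "other", "exp": 2_000_000_000})),
                  ("not a JWT", "abc123")]:
    print(name, diagnose_access_token(tok, AUDIENCE, ISSUER, now=1_700_000_000))
```

Paste the `Authorization: Bearer` value from the browser's network tab into `diagnose_access_token` together with the audience and issuer the backend validator was constructed with; an empty list means the claims match and the cause lies elsewhere.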