NestJS Code Sample: Basic API Authorization

This TypeScript code sample demonstrates how to implement authorization in a NestJS API server using Auth0.

There is an issue with the .env environment names in the instructions and in the code.
In the instructions:

PORT=6060
CLIENT_ORIGIN_URL=http://localhost:4040
AUTH0_AUDIENCE=AUTH0-AUDIENCE
AUTH0_DOMAIN=AUTH0-DOMAIN

To get the app to start .env needs:

PORT=6060
CLIENT_ORIGIN_URL=http://localhost:4040
AUTH0_AUDIENCE=https://hello-world.example.com
AUTH0_DOMAIN=AUTH0-DOMAIN

ISSUER_BASE_URL=https://AUTH0-DOMAIN
AUDIENCE=https://hello-world.example.com
1 Like

If I use the token from the response on my API Details page I get invalid token.
Is there a way to debug what is wrong?

Thanks

1 Like

Thank you so much for reporting this. You are correct. There was a mistake during the document release process. We have corrected that and the code sample page now shows the correct content for the .env file:

PORT=6060
ISSUER_BASE_URL=https://AUTH0-DOMAIN
AUDIENCE=AUTH0-AUDIENCE
CLIENT_ORIGIN_URL=http://localhost:4040

Apologies for that mix up.

1 Like

Are you referring to the test access token that you get as part of the code sample page instructions or one that you are getting by using a client application to test the API?

1 Like

Hi Dan,
Thanks for the revised .env settings. The ‘get protected’ route is now working :grinning:

Chris

Hi when use the typescriopt v18 react code version I get the below error on npm install

npm WARN deprecated stable@0.1.8: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility
npm WARN deprecated svgo@1.3.2: This SVGO version is no longer supported. Upgrade to v2.x.x.

npm ERR! code E401
npm ERR! Incorrect or missing password.
npm ERR! If you were trying to login, change your password, create an
npm ERR! authentication token or enable two-factor authentication then
npm ERR! that means you likely typed your password in incorrectly.
npm ERR! Please try again, or recover your password at:
npm ERR!     https://www.npmjs.com/forgot
npm ERR!
npm ERR! If you were doing some other operation then your saved credentials are
npm ERR! probably out of date. To correct this please try logging in again with:
npm ERR!     npm login

Even if I login into npm I get the same error message.

That’s great! I am glad to hear.

1 Like

Can you please share the URL of the repo that you are using, please?

1 Like

Hi Dan,

This is the spa-repo.
It is a checkout of the auth0 react v18 typescript example. I m using this as I will be updating a nextJs v13 front end.

Many thanks

Chris

Thanks for your response. That’s a quick fix: Please delete the package-lock.json from that sample project and run npm install again. :pray: Thanks!

1 Like

Hi - I found that my npm certificate had expired. Following the above and generating new ones worked a treat thanks. :slight_smile:

1 Like

Glad to hear! Thanks for trying out our different code samples and blog posts! :muscle:

1 Like

Hi ,
Is there a blog that deals with sending messages (hopefully POST) from nextJs protected API route to nestJs API.

I am currently getting an unauthorised error using the token from in NextJs. If I run a test using Postman and the test JWT it succeeds. The code in NestJS follows the messaages code from this tutorial.

If helpful here is the github repo

Many thanks,

Chris

We don’t have a resource like that. A few questions to help troubleshoot:

  • How are you getting the access token on your Next.js API route?
  • Are both Next.js web app and NestJS API registered under the same Auth0 tenant?
  • How are you setting the API audience in your Next.js API? Is it the same audience as your NestJS API?

Thanks for your help- typo in audience