Hi,
I want to set up an authorization mechanism for my Python Flask application. I want to manipulate authorization of groups, users, etc. in my application.
After reading through these pages about how to set up authorization through the extension
2-https://auth0.com/docs/quickstart/backend/python#add-api-authorization
I added this decorator, which is shown in the second link above. (Interestingly, I realized the second link's decorator has the same decorator names as the 00-Starter-Seed app. So does the second link's decorator do authorization and authentication at the same time?)
def requires_auth(f): .. .. ..
But when I tried to use that decorator, I got this error:
{
"code": "Error decoding token headers.",
"description": "Invalid header. Use an RS256 signed JWT Access Token"
}
I suspect that maybe I understand the concept of implementing authorization in Auth0 wrong. So, what I understand from it is:
1 - a check needs to be made to determine whether the incoming request contains valid authorization information (JWT)
2 - get the access_token and use it in the decorator
3 - call the API to manipulate groups, users, etc. (things I want to do through the API) OR use it as a function decorator to make sure that function can only be called by an admin
What is the point I am not seeing or am understanding wrong?
Thanks
Huseyin
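
An added example, not part of the original post: a standard-library check of a bearer token's header segment, which is the part the error above complains about. It assumes the API expects an RS256 JWT whose header carries a `kid` for key lookup; the function name and the sample tokens are constructed for illustration, and the signatures are dummy text that is never verified here.

```python
import base64
import json


def diagnose_bearer_token(token):
    """Return "ok" or the reason the header would fail an RS256 JWT check."""
    parts = token.split(".")
    if len(parts) != 3:
        return "not a JWT: expected 3 dot-separated segments (opaque token?)"
    try:
        # JWT segments are base64url without padding; restore it first.
        padded = parts[0] + "=" * (-len(parts[0]) % 4)
        header = json.loads(base64.urlsafe_b64decode(padded))
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return "header segment is not base64url-encoded JSON"
    if not isinstance(header, dict):
        return "header is not a JSON object"
    if header.get("alg") != "RS256":
        return "alg is %r, not RS256" % header.get("alg")
    if "kid" not in header:
        return "no kid: cannot select a verification key"
    return "ok"


def b64url_json(obj):
    """Encode a dict as an unpadded base64url JSON segment."""
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


# Constructed samples (assumption: none of these come from a real tenant).
PAYLOAD = b64url_json({"sub": "example-user"})
SAMPLES = {
    "rs256": b64url_json({"alg": "RS256", "typ": "JWT", "kid": "example-kid"})
    + "." + PAYLOAD + ".dummy-signature",
    "hs256": b64url_json({"alg": "HS256", "typ": "JWT"})
    + "." + PAYLOAD + ".dummy-signature",
    "opaque": "kq3Xy0ExampleOpaqueAccessToken",
    "garbage": base64.urlsafe_b64encode(b"not-json").rstrip(b"=").decode()
    + "." + PAYLOAD + ".dummy-signature",
}

if __name__ == "__main__":
    for name, tok in SAMPLES.items():
        print(name, "->", diagnose_bearer_token(tok))
```

This only inspects the header; a token that returns "ok" still has to pass signature, audience and issuer validation in the decorator.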