Now we are really concerned about securing our custom API what will provide user details for Get User request.
We have a API which returns user details and we want to use that in custom getUser database script.
We wanted to understand auth0 recommended approach to protect that endpoint.
- One way is to, create auth0 specific private client in custom auth and use that access token
- Another is to use basic auth