Beginner here & new to this. I have a simple subscription site (gatsbyjs), & I am using the Auth0 Lock to enable users access to my site. My site queries some data from my nodejs server via graphql. Now I realised that while my frontend is secured by auth0, my backend isn’t. A malicious user could …

Hi @johncat , Welcome to the Community! You can control access to a backend API with access tokens. See this article: [image] Call Your API from Your Single-Page App Everything you need to know to call your API from your single-page app (SPA)

Securing NodeJS Backend as well as my React-Frontend (using Auth0-Lock)?

Get Help

dan.woda December 3, 2020, 4:20pm 10

I’m not familiar with it. It looks like it’s built on auth0.js, which is our older sdk. We have sample apps for gatsby that use our newer react-specific SDK. Check this out:

Topic		Replies	Views
How to securely access custom backend API after SPA authentication? Get Help classic-universal-login-experience , login-experience	6	4202	May 9, 2023
Auth0 react - login + backend API protection Get Help auth0-react , sdks-quickstarts	2	1941	August 2, 2023
Auth0 React - Server Side Login Get Help	0	1859	April 15, 2022
What Auth0 set up is best for React front end and Node.js back end? Get Help nodejs , react	2	5496	December 4, 2018
Frontend or backend authentication? Get Help auth0 , api , login	1	7307	August 24, 2020

Securing NodeJS Backend as well as my React-Frontend (using Auth0-Lock)?

Related topics