Hello,
I am currently exploring the options to authorize an API that is run on Serverless.
I am still quite new to Serverless and I am accustomed to checking user permissions with middleware using express.
router.get("protectedRoute", checkJwt, permissions.check(["get: protected_route"]), async (req, res) => {}
I am having trouble finding good examples of doing something similar with Serverless and auth0. Ideally I want to specify what permissions are required for a route and attach the user object to the request like I would in express.
I managed to set up a custom authorizer that reads the authentication header token but I cannot check permissions or attach the user to the event this way.
Any help in the right direction would be appreciated.