SPAs communicating with an API

I am a bit confused about user authentication for SPAs communicating with an API. I am used to checking the user’s cred against the database and then creating a session/cookie.

I am currently working on adding user authentication to my client app using Auth0. I am able to have the user log in on the client with Auth0-lock and have it redirect back to my app with the JWT.

I am trying to protect some resources in my API by requiring that the user is authenticated. I have a Rails API with the Knock gem (Auth0 Ruby On Rails API SDK Quickstarts: Authorization here).

When I try to make a GET request, I am still getting a 401 error and I assume it’s because I don’t have my User model set up correctly.

Hey there @DavidTucker, I would be happy to troubleshoot this 401 error you are receiving. However, to do so we need a HAR file for the error-producing workflow as well as your tenant name. When you get a chance, can you DM those over to me? Thanks in advance!

I finally got it to work - turns out the knock gem was catching all errors and not throwing them so I couldn’t see that my token was expired.
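The failure described above (an expired token hidden behind a generic 401) can be confirmed from the token itself. The following is an added example, not part of the original thread and not Knock or Auth0 code; `jwt_time_status` and `sample_token` are hypothetical names, and the tokens are constructed samples with a dummy signature.

```ruby
require "base64"
require "json"

# Diagnostic only: reads a JWT's claims WITHOUT verifying the signature, to
# explain a 401. The result must never be used to authorize a request.
def jwt_time_status(token, now: Time.now.to_i, leeway: 0)
  parts = token.to_s.split(".")
  return { status: :malformed, detail: "expected 3 dot-separated segments" } unless parts.length == 3

  begin
    payload = Base64.urlsafe_decode64(parts[1]).force_encoding("UTF-8")
    claims = JSON.parse(payload)
  rescue ArgumentError, JSON::ParserError => e
    return { status: :malformed, detail: e.class.name }
  end
  return { status: :malformed, detail: "payload is not a JSON object" } unless claims.is_a?(Hash)

  exp = claims["exp"]
  nbf = claims["nbf"]
  return { status: :no_exp, detail: "token carries no exp claim" } unless exp.is_a?(Numeric)
  # RFC 7519: the current time must be strictly before exp.
  return { status: :expired, detail: "expired #{now - exp}s ago" } if now >= exp + leeway
  if nbf.is_a?(Numeric) && now + leeway < nbf
    return { status: :not_yet_valid, detail: "valid in #{nbf - now}s" }
  end

  { status: :time_ok, detail: "expires in #{exp - now}s" }
end

# Builds a constructed sample token (dummy header and signature) for the demo.
def sample_token(claims)
  enc = ->(s) { Base64.urlsafe_encode64(s, padding: false) }
  [enc.call({ "alg" => "RS256", "typ" => "JWT" }.to_json),
   enc.call(claims.to_json),
   enc.call("constructed-signature")].join(".")
end

if __FILE__ == $PROGRAM_NAME
  now = Time.now.to_i
  puts jwt_time_status(sample_token("sub" => "auth0|sample", "exp" => now - 3600))
  puts jwt_time_status(sample_token("sub" => "auth0|sample", "exp" => now + 3600))
end
```

A `:time_ok` result only rules out expiry; the API still has to verify the signature, issuer and audience before trusting the token.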

Sounds great and thank you for sharing the solution! Be sure to come back to us if you have any questions or share your build in Show Your Auth0!
