In Is it safe to expose client_id, client_secret, and audience on HTML pages? , I asked if it is safe to expose client_id and client_secret in a static site’s pages or scripts and scripts and @luis.rudge kindly answered that, in short, no: client_id: yes. client_secret, absolutely not. We encode t…

Apparently the JWT is stored in local storage under id_token (authResult.idToken), however when I create the Authorization header like this to call my endpoint: $.ajax({ type: "POST", url: "...", data: JSON.stringify(payload), headers: { "Authorization": `Bearer ${localStorage…

Static pages, AWS API Gateway, Custom Authorizers and JWT tokens: how?

Get Help

Brng June 2, 2018, 5:12am 3

I found the solution to this and posted the details here.

Topic		Replies	Views
How to call a secured AWS API Gateway resource from a static web page? Get Help jquery , access_token , access-token , aws , api-gateway	2	7208	December 17, 2018
AWS Custom Authorizers Get Help	0	3043	October 18, 2019
Securing AWS HTTP APIs with JWT Authorizers Blog Discussions	38	11152	November 22, 2024
Can't get custom authorizer to work Get Help	3	4715	August 13, 2019
Allow clients to generate tokens for AWS gateway Get Help auth0	10	2630	April 7, 2021

Static pages, AWS API Gateway, Custom Authorizers and JWT tokens: how?

Related topics