In Is it safe to expose client_id, client_secret, and audience on HTML pages? , I asked if it is safe to expose client_id and client_secret in a static site’s pages or scripts and scripts and @luis.rudge kindly answered that, in short, no: client_id: yes. client_secret, absolutely not. We encode t…

Static pages, AWS API Gateway, Custom Authorizers and JWT tokens: how?

Brng June 2, 2018, 5:12am 3

I found the solution to this and posted the details here.

Topic		Replies	Views
Is it safe to expose client_id, client_secret, and audience on HTML pages? Help jquery , spa , security	4	8054	December 17, 2018
AWS Custom Authorizers Help	0	3027	October 18, 2019
The Adventure of Access-Control-Allow-Credentials Help cors , aws , lambda , api-gateway , custom-authorizer	3	8315	September 3, 2019
Allow clients to generate tokens for AWS gateway Help auth0	10	2505	April 7, 2021
How to call a secured AWS API Gateway resource from a static web page? Help jquery , access_token , access-token , aws , api-gateway	2	7156	December 17, 2018