I created a rule to post some user data to my application which is using auth0 for authentication.
My question: How can I access an accessToken to authenticate the call to my app or how can I ensure the call is coming for a legitimate safe source? What are the best practices around this?
Thank you so much,
Welcome to the Auth0 Community Forum!
You can register the M2M app and there is a node request example you can copy into the rule.
There are some best practices you want to follow concerning storing secrets and minimizing api requests. Specifically you will want to be aware of rate limits and how often this call is being made. Rules run after every successful authentication so you will likely want to make this conditional. Please review this document including those topics:
Hope this helps!
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.