What guide should i follow to set up protection to my django rest API?

carloso0114 · September 27, 2023, 9:17pm

Im using React for frontend, and i wa able to login/logout using either auth0 users database and google/icloud/microsoft accounts, and im able to get the getAccessTokenSilently() and use my urls endpoints, however i realized that i could use the access token and send anything in the body of the request.

My goal is to create posts that belongs to the current user, verifying that the body from the request is indeed the info from the user.

For example

user = “oauth-g | 2398908203 "
tex = " testing”

Are there any topics or guides related to this matter?

tyf · September 27, 2023, 10:24pm

Hello @carloso0114 welcome to the community!

We provide a guide on setting up a Django API (below), but verifying the body of the request is a bit outside the scope of Auth0 - You can verify that the user has the correct permissions, but the body itself you’d need to handle on your end as far as I’m aware.

https://auth0.com/docs/quickstart/backend/django/interactive

system · October 11, 2023, 10:25pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to protect my API and give access to consumers through token? Help jwt , auth0 , api	2	4763	July 30, 2019
Django Rest Frameworks: All endpoints require authentication Help python , django	5	8451	September 24, 2019
Generating Access Token Help jwt , auth0 , api	5	3285	September 16, 2022
How to secure an API with Auth0 Help access-token	5	10650	February 10, 2019
Basic Concepts: Client-side authentication, server-side validation Help	4	6348	May 25, 2022

What guide should i follow to set up protection to my django rest API?

Related topics