What guide should I follow to set up protection for my Django REST API?

I'm using React for the frontend, and I was able to login/logout using either the Auth0 users database or Google/iCloud/Microsoft accounts, and I'm able to get the getAccessTokenSilently() and use my URL endpoints; however, I realized that I could use the access token and send anything in the body of the request.

My goal is to create posts that belong to the current user, verifying that the body from the request is indeed the info from the user.

For example

user = "oauth-g | 2398908203 "
tex = " testing"

Are there any topics or guides related to this matter?

Hello @carloso0114 welcome to the community!

We provide a guide on setting up a Django API (below), but verifying the body of the request is a bit outside the scope of Auth0 - You can verify that the user has the correct permissions, but the body itself you’d need to handle on your end as far as I’m aware.

https://auth0.com/docs/quickstart/backend/django/interactive
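
One way to handle the body on the API side, as an added example that is not part of the original posts and is not Auth0's code: take the post's owner from the validated token's `sub` claim instead of from the request body, and check ownership on updates. It assumes the token has already been validated as in the quickstart; `ALLOWED_FIELDS`, `POSTS`, the `text` field and the function names are hypothetical.

```python
# Added example. Assumes the access token was already validated (signature,
# issuer, audience, expiry), so `claims` is the trusted, decoded payload.

ALLOWED_FIELDS = {"text"}   # hypothetical: fields a client may set on a post
POSTS = {}                  # in-memory stand-in for the Post table


class Forbidden(Exception):
    """Would map to HTTP 403 in a real view."""


class BadRequest(Exception):
    """Would map to HTTP 400 in a real view."""


def clean_body(body):
    # Reject unknown keys, including any client-supplied "user" or "owner".
    extra = set(body) - ALLOWED_FIELDS
    if extra:
        raise BadRequest(f"unexpected fields: {sorted(extra)}")
    text = body.get("text")
    if not isinstance(text, str) or not text.strip():
        raise BadRequest("text must be a non-empty string")
    return {"text": text.strip()}


def create_post(claims, body):
    data = clean_body(body)
    post_id = len(POSTS) + 1
    # The owner comes from the token's `sub` claim, never from the body.
    POSTS[post_id] = {"id": post_id, "owner": claims["sub"], **data}
    return POSTS[post_id]


def update_post(claims, post_id, body):
    post = POSTS.get(post_id)
    # Same error for "missing" and "not yours" so post ids cannot be probed.
    if post is None or post["owner"] != claims["sub"]:
        raise Forbidden("not your post")
    post.update(clean_body(body))
    return post
```

In a Django REST Framework view the same rule means setting the owner from the authenticated request when saving and filtering querysets by that owner, rather than accepting a user field in the serializer input.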
