Auth0
This document outlines the configuration settings for integrating Auth0 with a Serverless API Gateway.
Configuration Parameters
Parameters Explained
type: Specifies the type of authorizer being used. In this case, it is set to "auth0".
domain: The Auth0 domain associated with your account. Replace your-auth0-domain with your actual Auth0 domain.
client_id: The unique identifier for your Auth0 application. Replace your-client-id with your actual client ID.
client_secret: The secret key associated with your Auth0 application. Replace your-client-secret with your actual client secret.
redirect_uri: The URI to which Auth0 will redirect users after authentication. Replace https://your-api-url/api/v1/auth0/callback with your actual callback URL.
jwks: A JSON Web Key Set (JWKS) containing the public keys used to verify the JWT signatures. Replace the values in the n, kid, x5t, and x5c fields with your actual key values. Either jwks or jwks_uri is required.
jwks_uri: The URI to retrieve the JWKS from Auth0. Replace your-auth0-domain with your actual Auth0 domain. Either jwks or jwks_uri is required.
scope: The permissions being requested from the user. Common scopes include openid, profile, and email.
Important Notes
Ensure that sensitive information such as client_secret is stored securely and not exposed in public repositories or logs.
Update the placeholders in the configuration with your actual Auth0 account details before deployment.
Test the configuration in a safe environment before moving to production.
Path Configurations
This section outlines the path configuration for handling callbacks from Auth0. The callback endpoint is essential for processing the authentication response after a user logs in.
Callback Handler
This integration handles the callback from Auth0, receiving an authorization code. It exchanges this code for access and ID tokens and returns them to the client.
Login Redirect
This integration facilitates the redirection to the Auth0 login page (/authorize), allowing users to authenticate via Auth0. It provides a seamless way to initiate the login process based on the Auth0 configuration.
User Info
This integration retrieves user information from Auth0 using the /userinfo endpoint. It allows applications to access user profile data after successful authentication.