Serverless API Gateway Documentation

Auth0

This document outlines the configuration settings for integrating Auth0 with a Serverless API Gateway.

Configuration Parameters

{
    "authorizer": {
        "type": "auth0",
        "domain": "your-auth0-domain.auth0.com",
        "client_id": "your-client-id",
        "client_secret": "your-client-secret",
        "redirect_uri": "https://your-api-url/api/v1/auth0/callback",
        "jwks": "{JSON Escaped JWKS}",
        "jwks_uri": "https://your-auth0-domain.auth0.com/.well-known/jwks.json",
        "scope": "openid profile email"
    }
}

Parameters Explained

  • type: Specifies the type of authorizer being used. In this case, it is set to "auth0".

  • domain: The Auth0 domain associated with your account. Replace your-auth0-domain with your actual Auth0 domain.

  • client_id: The unique identifier for your Auth0 application. Replace your-client-id with your actual client ID.

  • client_secret: The secret key associated with your Auth0 application. Replace your-client-secret with your actual client secret.

  • redirect_uri: The URI to which Auth0 will redirect users after authentication. Replace https://your-api-url/api/v1/auth0/callback with your actual callback URL.

  • jwks: A JSON Web Key Set (JWKS) containing the public keys used to verify the JWT signatures. Replace the values in the n, kid, x5t, and x5c fields with your actual key values. Either jwks or jwks_uri is required.

  • jwks_uri: The URI to retrieve the JWKS from Auth0. Replace your-auth0-domain with your actual Auth0 domain. Either jwks or jwks_uri is required.

  • scope: The permissions being requested from the user. Common scopes include openid, profile, and email.

Important Notes

  • Ensure that sensitive information such as client_secret is stored securely and not exposed in public repositories or logs.

  • Update the placeholders in the configuration with your actual Auth0 account details before deployment.

  • Test the configuration in a safe environment before moving to production.

Path Configurations

This section outlines the path configuration for handling callbacks from Auth0. The callback endpoint is essential for processing the authentication response after a user logs in.

Callback Handler

{
    "method": "GET",
    "path": "/api/v1/auth0/callback",
    "integration": {
        "type": "auth0_callback"
    }
}

This integration handles the callback from Auth0, receiving an authorization code. It exchanges this code for access and ID tokens and returns them to the client.

Login Redirect

{
    "method": "GET",
    "path": "/api/v1/auth0/callback-redirect",
    "integration": {
        "type": "auth0_callback_redirect"
    },
    "auth": false
}

This integration redirects the user to the Auth0 login page (/authorize) so they can authenticate via Auth0. It starts the login process using the values from the Auth0 configuration.

User Info

{
    "method": "GET",
    "path": "/api/v1/auth0/profile",
    "integration": {
        "type": "auth0_userinfo"
    },
    "auth": true
}

This integration retrieves user information from Auth0 using the /userinfo endpoint. It allows applications to access user profile data after successful authentication.
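A pre-deployment check for the settings above, as an added example that is not part of the Serverless API Gateway code base: it flags leftover placeholders, a missing or unparsable key set, and a redirect_uri that does not land on an auth0_callback route. The names lintAuth0Config and safeUrl, the top-level paths array, and the SAMPLE values are assumptions of this example.

```javascript
// Added example, not the project's code. lintAuth0Config, safeUrl and the
// top-level `paths` array are assumptions; SAMPLE is constructed.
const PLACEHOLDER = /your-(auth0-domain|client-id|client-secret|api-url)/;
const safeUrl = (s) => { try { return new URL(s); } catch { return null; } };

function lintAuth0Config(config) {
  const a = config.authorizer || {};
  if (a.type !== "auth0") return ['authorizer.type is not "auth0"'];
  const findings = [];
  // Placeholders from the documentation sample must be replaced before deployment.
  for (const key of ["domain", "client_id", "client_secret", "redirect_uri", "jwks_uri"]) {
    if (PLACEHOLDER.test(String(a[key] || ""))) findings.push(`${key} still holds a placeholder`);
  }
  // Either jwks or jwks_uri is required.
  if (!a.jwks && !a.jwks_uri) findings.push("neither jwks nor jwks_uri is set");
  // jwks is a JSON-escaped string; it must parse to a key set whose keys carry kid and n.
  if (a.jwks) {
    try {
      const keys = JSON.parse(a.jwks).keys;
      if (!Array.isArray(keys) || keys.length === 0) findings.push("jwks contains no keys");
      else if (keys.some((k) => !k.kid || !k.n)) findings.push("jwks key lacks kid or n");
    } catch {
      findings.push("jwks is not valid JSON");
    }
  }
  // Signing keys should come over HTTPS from the configured Auth0 domain.
  const j = a.jwks_uri ? safeUrl(a.jwks_uri) : null;
  if (a.jwks_uri && (!j || j.protocol !== "https:" || j.hostname !== a.domain)) {
    findings.push("jwks_uri is not an HTTPS URL on the configured domain");
  }
  // redirect_uri must be HTTPS and point at a route served by auth0_callback.
  const r = safeUrl(a.redirect_uri);
  const callbacks = (config.paths || [])
    .filter((p) => p.integration && p.integration.type === "auth0_callback")
    .map((p) => p.path);
  if (!r || r.protocol !== "https:") findings.push("redirect_uri is not an HTTPS URL");
  else if (!callbacks.includes(r.pathname)) findings.push("redirect_uri has no auth0_callback route");
  return findings;
}

const SAMPLE = { // constructed values on reserved example.com names
  authorizer: { type: "auth0", domain: "login.example.com", client_id: "abc123",
    client_secret: "value-from-secret-store", scope: "openid profile email",
    redirect_uri: "https://api.example.com/api/v1/auth0/callback",
    jwks_uri: "https://login.example.com/.well-known/jwks.json" },
  paths: [{ method: "GET", path: "/api/v1/auth0/callback", integration: { type: "auth0_callback" } }],
};
console.log(lintAuth0Config(SAMPLE));
```

Running the check in the deployment pipeline, before the gateway is published, stops a configuration that still carries the documentation placeholders from reaching production.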


Last updated 6 months ago