Auth0
This document outlines the configuration settings for integrating Auth0 with a Serverless API Gateway.
Configuration Parameters
{
  "authorizer": {
    "type": "auth0",
    "domain": "your-auth0-domain.auth0.com",
    "client_id": "your-client-id",
    "client_secret": "your-client-secret",
    "redirect_uri": "https://your-api-url/api/v1/auth0/callback",
    "jwks": "{JSON Escaped JWKS}",
    "jwks_uri": "https://your-auth0-domain.auth0.com/.well-known/jwks.json",
    "scope": "openid profile email"
  }
}
Parameters Explained
type: Specifies the type of authorizer being used. In this case, it is set to "auth0".
domain: The Auth0 domain associated with your account. Replace your-auth0-domain with your actual Auth0 domain.
client_id: The unique identifier for your Auth0 application. Replace your-client-id with your actual client ID.
client_secret: The secret key associated with your Auth0 application. Replace your-client-secret with your actual client secret.
redirect_uri: The URI to which Auth0 will redirect users after authentication. Replace https://your-api-url/api/v1/auth0/callback with your actual callback URL.
jwks: A JSON Web Key Set (JWKS) containing the public keys used to verify the JWT signatures. Replace the values in the n, kid, x5t, and x5c fields with your actual key values. Either jwks or jwks_uri is required.
jwks_uri: The URI to retrieve the JWKS from Auth0. Replace your-auth0-domain with your actual Auth0 domain. Either jwks or jwks_uri is required.
scope: The permissions being requested from the user. Common scopes include openid, profile, and email.
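As an added example (not code from this gateway or from Auth0), the following Node.js code shows what verifying a JWT against the configured JWKS involves: pinning the algorithm, selecting the key by kid, checking the RS256 signature, and then checking issuer, audience and expiry. The key pair, the kid demo-key-1, the tokens and the function names are constructed for illustration; the issuer and audience values assume the placeholder domain and client_id from the configuration above.

```javascript
const nodeCrypto = require("node:crypto");

const b64u = (x) => Buffer.from(x).toString("base64url");

// Constructed test material: a throwaway RSA key published as a one-key JWKS.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const JWKS = {
  keys: [{ ...publicKey.export({ format: "jwk" }), kid: "demo-key-1", alg: "RS256", use: "sig" }],
};
const ISSUER = "https://your-auth0-domain.auth0.com/"; // assumption: "https://" + domain + "/"
const AUDIENCE = "your-client-id"; // assumption: ID tokens carry client_id as aud

// Mints constructed tokens for the demo (stands in for the identity provider).
function signToken(header, claims) {
  const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(claims))}`;
  const sig = nodeCrypto.sign("sha256", Buffer.from(input), privateKey);
  return `${input}.${sig.toString("base64url")}`;
}

// Returns the claims if the token is valid, otherwise throws.
function verifyToken(token, jwks, now = Math.floor(Date.now() / 1000)) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, "base64url").toString());
  // Pin the algorithm: the token header must not be able to pick "none" or HS256.
  if (header.alg !== "RS256") throw new Error("unexpected alg");
  // Select the verification key by kid; an unknown kid is a hard failure.
  const jwk = jwks.keys.find((k) => k.kid === header.kid && k.kty === "RSA");
  if (!jwk) throw new Error("unknown kid");
  const key = nodeCrypto.createPublicKey({ key: jwk, format: "jwk" });
  const signature = Buffer.from(s, "base64url");
  const ok = nodeCrypto.verify("sha256", Buffer.from(`${h}.${p}`), key, signature);
  if (!ok) throw new Error("bad signature");
  // Only read claims after the signature has been verified.
  const claims = JSON.parse(Buffer.from(p, "base64url").toString());
  if (claims.iss !== ISSUER) throw new Error("wrong issuer");
  if (![].concat(claims.aud).includes(AUDIENCE)) throw new Error("wrong audience");
  if (typeof claims.exp !== "number" || claims.exp <= now) throw new Error("expired");
  return claims;
}
```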
Important Notes
Ensure that sensitive information such as client_secret is stored securely and not exposed in public repositories or logs.
Update the placeholders in the configuration with your actual Auth0 account details before deployment.
Test the configuration in a safe environment before moving to production.
Path Configurations
This section outlines the path configuration for handling callbacks from Auth0. The callback endpoint is essential for processing the authentication response after a user logs in.
Callback Handler
{
  "method": "GET",
  "path": "/api/v1/auth0/callback",
  "integration": {
    "type": "auth0_callback"
  }
}
This integration handles the callback from Auth0, receiving an authorization code. It exchanges this code for access and ID tokens and returns them to the client.
Login Redirect
{
  "method": "GET",
  "path": "/api/v1/auth0/callback-redirect",
  "integration": {
    "type": "auth0_callback_redirect"
  },
  "auth": false
}
This integration facilitates the redirection to the Auth0 login page (/authorize), allowing users to authenticate via Auth0. It provides a seamless way to initiate the login process based on the Auth0 configuration.
User Info
{
  "method": "GET",
  "path": "/api/v1/auth0/profile",
  "integration": {
    "type": "auth0_userinfo"
  },
  "auth": true
}
This integration retrieves user information from Auth0 using the /userinfo endpoint. It allows applications to access user profile data after successful authentication.