Using @custom, send Bearer token that is dynamically generated by Auth0

tommo · October 17, 2020, 5:05pm

Using Slash. I’m using Auth0 as my auth service. I have an API set up that is configured to verify JWT’s generated from my account in Auth0. If tokens is valid, serves up end points. If not… 401. Works like a champ.

I have a @custom in my schema that calls the API endpoint mentioned above. If I turn off JWT verification on the end point, it works great. However, I need to have this secured. Auth0 expects that machine making the call to dynamically generate a JWT.

Is there a way that I can configured my schema to make the Rest API call to Auth0 to get the JWT to then send as the Authorization part of the @custom request?

gja · October 21, 2020, 12:42pm

Hi @tommo,

Sorry for the late response. I think what you are describing is the JWK framework to dynamically get JWT keys. I believe support for this has just landed in master, and you can expect to see support in Slash GraphQL early next month.

Tejas

Topic		Replies	Views
Putting it All Together - Dgraph Authentication, Authorization, and Granular Access Control (PART 3) - Dgraph Blog Blog	0	792	October 9, 2020
Using Auth0 - Graphql Documentation	5	852	February 23, 2021
Issue with Slash GraphQL Authentication Dgraph Cloud / Slash GraphQL	5	1005	March 9, 2021
Auth0 custom header failing OPTIONS request GraphQL kind:bug	2	509	October 4, 2020
Protect GQL endpoint Dgraph Cloud kind:question , dgraph	1	529	September 21, 2020

Using @custom, send Bearer token that is dynamically generated by Auth0

Related topics