npm
Sign UpSign In

@auth0/auth0-api-js

1.0.1 • Public • Published

The @auth0/auth0-api-js library allows for securing API's running on a JavaScript runtime.

Using this SDK as-is in your API may not be trivial, as it is not a plug-and-play library for your framework. Instead, it is designed to be used as a building block for building framework-specific SDKs.

Release Downloads License

📚 Documentation - 🚀 Getting Started - 💬 Feedback

Documentation

  • Docs Site - explore our docs site and learn more about Auth0.

Getting Started

1. Install the SDK

npm i @auth0/auth0-api-js

This library requires Node.js 20 LTS and newer LTS versions.

2. Create the Auth0 SDK client

Create an instance of the ApiClient. This instance will be imported and used anywhere we need access to the methods.

import { ApiClient } from '@auth0/auth0-api-js';

const apiClient = new apiClient({
  domain: '<AUTH0_DOMAIN>',
  audience: '<AUTH0_AUDIENCE>',
});

The AUTH0_DOMAIN can be obtained from the Auth0 Dashboard once you've created an application. The AUTH0_AUDIENCE is the identifier of the API. You can find this in the API section of the Auth0 dashboard.

3. Verify the Access Token

The SDK's verifyAccessToken method can be used to verify the access token.

const apiClient = new apiClient({
  domain: '<AUTH0_DOMAIN>',
  audience: '<AUTH0_AUDIENCE>',
});

const accessToken = '...';
const decodedAndVerfiedToken = await apiClient.verifyAccessToken({
  accessToken
});

the SDK automatically validates claims like iss, aud, exp, and nbf, you can also pass additional claims to be required by configuring requiredClaims:

const apiClient = new apiClient({
  domain: '<AUTH0_DOMAIN>',
  audience: '<AUTH0_AUDIENCE>',
});

const accessToken = '...';
const decodedAndVerfiedToken = await apiClient.verifyAccessToken({
  accessToken,
  requiredClaims: ['my_custom_claim']
});

Feedback

Contributing

We appreciate feedback and contribution to this repo! Before you get started, please read the following:

Raise an issue

To provide feedback or report a bug, please raise an issue on our issue tracker.

Vulnerability Reporting

Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

What is Auth0?

Auth0 Logo

Auth0 is an easy to implement, adaptable authentication and authorization platform. To learn more checkout Why Auth0?

This project is licensed under the MIT license. See the LICENSE file for more info.

Readme

Keywords

Package Sidebar

Install

npm i @auth0/auth0-api-js

Repository

github.com/auth0/auth0-auth-js

Homepage

github.com/auth0/auth0-auth-js#readme

Weekly Downloads

98

Version

1.0.1

License

MIT

Unpacked Size

26.3 kB

Total Files

9

Last publish

Collaborators

  • auth0-oss
  • ziluvatar
  • iaco
  • pubalokta
  • auth0npm
  • auth0brokkr
  • hzalaz
  • aaguiarz
  • charlesrea
  • ncluer
  • julien.wollscheid
  • cristiandouce
  • sambego
  • sandrinodimattia
  • lzychowski
  • davidpatrick0
  • sergii.biienko
  • jpadilla
  • jessele
  • rhamzeh_auth0
  • oktajeffoktajeff
  • david.renaud.okta
  • madhuri.rm23
  • npirani_okta
  • soumya.bodavula
  • jamescgarrett-okta
  • stheller
  • jfromaniello
  • edgarchirivella-okta
  • sanjay.manikandhan
  • rithuc23
  • ece-okta
  • enriquepina
  • dougmiller-okta
  • sgarcia-atko
  • roger.chan
  • joshbetz_auth0
  • andriy0k
Try on RunKit
Report malware