Get an app running with Auth0. This step in the GraphQL tutorial walks you through using Auth0 in an example to-do app tutorial.
USER
which if you recall from the last step is used in our
auth rules, so it needs to match exactly with that name.
Now let’s go to Settings
of our Auth0 app and then go down to view the
Advanced Settings
to check the JWT signature algorithm (OAuth tab) and then
get the certificate (Certificates tab). We will be using RS256
in this example
so let’s make sure it’s set to that and then copy the certificate which we will
use to get the public key. Use the download certificate button there to get the
certificate in PEM
.
file_name
and run the command.
# Dgraph.Authorization
. Next is the VerificationKey
, so
update <AUTH0-APP-PUBLIC-KEY>
with your public key within the quotes and make
sure to have it in a single line and add \n
where ever needed. Then set
Header
to the name of the header X-Auth-Token
(can be anything) which will
be used to send the value of the JWT. Next is the Namespace
name
https://dgraph.io/jwt/claims
(again can be anything, just needs to match with
the name specified in Auth0). Then next is the Algo
which is RS256
, the JWT
signature algorithm (another option is HS256
but remember to use the same
algorithm in Auth0). Then for the Audience
, add your app’s Auth0 client ID.
The updated schema will look something like this (update the public key with
your key) -
network
tab and find a call called token
to get your JWT from its
response JSON (field id_token
).
X-Auth0-Token
and its value as the JWT. Let’s try the query to see the
todos and only the todos the logged-in user created should be visible.
X-Auth0-Token
header with
value as JWT from Auth0 when sending a request.
To do this, we need to update the Apollo client setup to include the header
while sending the request, and we need to get the JWT from Auth0.
The value we want is in the field idToken
from Auth0. We get that by quickly
updating react-auth0-spa.js
to get idToken
and pass it as a prop to our
App
.
X-Auth0-Token
in our case. Let’s update our src/App.js
file.