It is easy to secure your Modus app with authentication. Modus currently
supports bearer token authentication, with additional authentication methods
coming soon.
Modus supports authentication via the Authorization header in HTTP requests.
You can use the Authorization header to pass a bearer JSON Web Token (JWT) to
your Modus app. The token authenticates the user and authorize access to
resources.To use bearer token authentication for your Modus app, be sure to set the auth
property on your endpoint to "bearer-token" in your
app manifest.
Once set, Modus verifies tokens passed in the Authorization header of incoming
requests against the public keys you provide. To enable this verification, you
must pass the public keys using the MODUS_PEMS or MODUS_JWKS_ENDPOINTS
environment variable.The value of the MODUS_PEMS or MODUS_JWKS_ENDPOINTS environment variable
should be a JSON object with the public keys as key-value pairs. This is an
example of how to set the MODUS_PEMS and MODUS_JWKS_ENDPOINTS environment
variable:
Copy
Ask AI
export MODUS_PEMS='{\"key1\":\"-----BEGIN PUBLIC KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJ9z1z1z1z1z1z\\n-----END PUBLIC KEY-----\"}'
When deploying your Modus app on Hypermode, the bearer token authentication is
automatically set up.
To verify the token, Modus uses the public keys passed via the MODUS_PEMS
environment variable. If the token is verifiable with any of the verification
keys provided, Modus decodes the JWT token and passes the decoded claims as an
environment variable.
The decoded claims are available through the auth API in the Modus SDK.To access the decoded claims, use the getJWTClaims() function. The function
allows the user to pass in a class to deserialize the claims into, and returns
an instance of the class with the claims.This allows users to access the claims in the token and use them to authenticate
and authorize users in their Modus app.
