K
Kinde3mo ago
theAiGuy

AWS API Gateway JWT Check

Hey all, this might be a very beginner question. I am looking to validate the JWT on incoming requests in my AWS API Gateway. If I can avoid using a lambda that would be good as its one less managed service to worry about. The screenshot I provided is what I need to fill in to do a third-party JWT verification on API Gateway. Is this possible with Kinde? If so, can someone please recommend the documentation page and/or where within the Kinde UI I can find what to enter. Thanks 🙏
No description
6 Replies
Oli - Kinde
Oli - Kinde3mo ago
Hey @theAiGuy, We don't classify any questions as beginner questions. They may be beginner to one person and an expert question to someone else. You can use Kinde to validate JWTs for incoming requests in your AWS API Gateway. Kinde supports JWT verification, which you can configure to work with AWS API Gateway. Here’s how you can find the necessary information to fill in the AWS API Gateway fields: 1. Name: This is a label for your identity provider configuration in AWS API Gateway. You can name it something like "KindeJWTVerification". 2. Identity Source: This typically refers to the location in the request where the JWT token will be found. Commonly, it is set to $request.header.Authorization. 3. Issuer URL: This is the URL of the server that issued the JWT. You can find this in your Kinde dashboard under the settings for your specific application. 4. Audience: This is intended to ensure that the JWT was intended to be given to your API. You set this in Kinde when you register your API. It will be part of the JWT’s aud claim. If you need further assistance, feel free to reach out!
theAiGuy
theAiGuy2mo ago
@Oli - Kinde thanks so much for that! I appreciate it. I just had a look in my token and currently Im receiving "aud": [], Can I update the audience after the API has been registered? @Oli - Kinde I figured it out, thanks for your help anyway 🙂 In the UI I wasn't adding the aud to the provider.
Oli - Kinde
Oli - Kinde2mo ago
Great to hear you figured it out! Please don't hesitate to reach out if you have any other questions.
SK
SK2mo ago
Correct me if, I understand incorrectly. In this way, we don't need to run any lambda function to validate the request. We can simply validate with this approach and then forward the request to the desired service?
Oli - Kinde
Oli - Kinde2mo ago
Yes, that's correct! By using Kinde for JWT validation in AWS API Gateway, you can validate the JWT directly without needing to run a Lambda function.
SK
SK2mo ago
It's great. Thank you 🙂
Want results from more Discord servers?
Add your server
More Posts
How to update Kinde account payment?I'm trying to change my payment method (new credit card) but I can't find where to do so in Kinde.Kinde sign-in screen register link means no new orgHi there, I've got a NextJS app using the SDK and also the Kinde API on other sections. Basically IAuth0 import - file too largeI'm looking to import from Auth0 but I'm getting a warning that my file is too large. I have 178K usOrganizations API doesn't provide full functionalityThe Organizations API allows us to update an organization but certain fields we aren't able to retriInability to update certain Application fields via APIIt looks at though certain fields of an Application are not updatable via the API (nor retrievable).Automatically adding user to organization on sign-in (not sign-up)I understand that if a user is signing up, they can automatically be added to the organization speciIs there a way to change *when* email verification comes up in the sign-up flow?I have been working on a software product built in Remix.run framework and I am implementing Kinde How to organise API Tests with REST and Kinde?I have a restful api that I'd like protect with help of Kinde. How it is supposed to do an api testnuxt ssr`$auth` is `null` in a Vue component, which makes Kinde unusable for me (existing site). Appears comToken expired issuesHi, I'm using Kinde with Next.js It seems like the token is note refreshed automatically when it ha