Jwt authorization

Sid303 · October 19, 2022, 12:12pm

I’m working on a new application where we own the front end and backend. I’ve created the okta config using SPA with authorization with pkce grant flow for front end and client credentials flow for backend java (both OIDC).
Once I get the id token and access token in react using sdk, how to authorize the jwt token?

Do I need to use aws gateway to authorize it or it can be done in backend using any server side language like JAVA.

We have multiple consumers who will use our backend along with us so want to know what is the correct way to approach this scenario.

andrea · October 19, 2022, 3:19pm

Typically, your backend would accept the user’s Access Tokens as bearer auth in the request headers and validate it server-side. Highly recommend that if you have multiple OIDC clients sending tokens to this same resource server that they share an authorization server (will make the validation simpler that way).

Sid303 · October 19, 2022, 3:39pm

Sure thank you, will try it.

Post		Replies	Views
Access protected resource server from SPA Questions	4	3820	September 1, 2022
How to get JWT token in back end? API	1	2170	May 17, 2023
Getting access token for SPA and server to server api access OAuth/OIDC	2	7011	June 8, 2018
Troubles getting my accessToken in my java backend app OAuth/OIDC java	2	6194	July 19, 2017
Best way to have 1 front controller for 2 okta applications Questions api , php , javascript	4	2680	May 27, 2022

Jwt authorization

Related topics