Cristian Tala Sánchez

Auth0 + JWT + NodeJS + Express End-user authentication (Login)

It has been almost a year since I switched to Auth0 in order to manage my customers' access to the dashboard of my application. Now I need to implement access for a RESTful API.

If I follow the instructions to secure the NodeJS app using JWT, it works like a charm. The issue is that I am not really sure about the implementation for the end user to get the token needed to access this API.

I thought of creating the tokens on the dashboard or just using a server-side implementation for the login/authentication. I did the latter before, using access to my own database, and it worked amazingly. My issue is that I am not completely sure how to do it for the end user using Auth0.

It would be great if you could guide me in implementing the login/authentication side of the API using Auth0 and NodeJS.
David Favor

So long as your connection is SSL/TLS wrapped, you can create tokens any way you like + no one will be able to figure these out by just scraping the line.

Just create a random 32 byte alpha-numeric code. I suggest sticking with alpha-numeric, so these strings are easy to cut + paste.

Remember, adding special characters provides no real security benefits. Real security comes from the length of the random string. The longer, the better.
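
The random-token approach from the answer above, sketched as an added example that is not part of the original thread and does not cover the Auth0/JWT flow the question asks about. It goes a step beyond the answer by storing only a SHA-256 digest of each token and by checking it in Express-style middleware; the function names, the in-memory `Map` standing in for a database, and the reading of "32 byte" as 32 characters are assumptions.

```javascript
const crypto = require('node:crypto');

// 62 alphanumeric symbols, easy to cut and paste.
const ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';

// Each character comes from the OS CSPRNG. crypto.randomInt() is uniform
// over [0, max), so there is no modulo bias (never use Math.random() here).
function generateToken(length = 32) {
  let out = '';
  for (let i = 0; i < length; i++) {
    out += ALPHABET[crypto.randomInt(ALPHABET.length)];
  }
  return out;
}

// Only the digest is stored, so a leaked token table holds no usable tokens.
function digestOf(token) {
  return crypto.createHash('sha256').update(token, 'utf8').digest('hex');
}

// Hypothetical store (assumption): token digest -> client id.
const issued = new Map();

function issueToken(clientId) {
  const token = generateToken();
  issued.set(digestOf(token), clientId);
  return token; // shown to the client once, never stored in clear
}

function verifyToken(presented) {
  if (typeof presented !== 'string' || !/^[A-Za-z0-9]{32}$/.test(presented)) return null;
  return issued.get(digestOf(presented)) ?? null;
}

// Express-style middleware: expects "Authorization: Bearer <token>".
function bearerAuth(req, res, next) {
  const m = /^Bearer ([A-Za-z0-9]+)$/.exec(req.headers.authorization || '');
  const clientId = m ? verifyToken(m[1]) : null;
  if (clientId === null) return res.status(401).json({ error: 'invalid_token' });
  req.clientId = clientId;
  return next();
}

// Entropy grows linearly with length: 32 chars * log2(62) is about 190 bits.
function entropyBits(length = 32) {
  return length * Math.log2(ALPHABET.length);
}
```
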