This is a specific example of how to add an Auth0 JWT Signer.
Auth0 is an identity platform for development teams which provides developers and enterprises with the building blocks they need to secure their applications. If you don't already have an account you can sign up for a free account at https://auth0.com/signup
Adding a new Application in Auth0
Once you have an account setup you can add a new "Application":
Then click on the "Create Application":
Then Create a "Single Page Web Application":
Gathering Information from Auth0
In order to setup the new JWT Signer we'll need to get some information from the new Auth0 Application that was just created
First let's get the Client Id and Domain from the settings page:
The rest of the information is easier to get from the Open Id Configuration endpoint & you can reach it by using your Domain in the URL:
https://{ Your Domain }//.well-known/openid-configuration
An example would be https://external-jwt.us.auth0.com/.well-known/openid-configuration
To view this information in a better format, we suggest using a browzer extension like JsonView
Adding an Auth0 JWT Signer
You an access & manage the JWT Signers in the console by finding the icon on the left hand side navigation menu:
and then clicking on the "JWT Signers" tab on the top navigation menu:
To add a new JWT Signer, click on the symbol at the top right of the page.
The new JWT Signer dialog will open:
Fields coming from Auth0
!!! Please Note: Auth0 requires the trailing slash on the issuer!
Issuer: OpenId Configuration endpoint field "issuer"
Audience: The Client ID
JWKS Endpoint: OpenId Configuration endpoint field "jwks_uri"
External Auth URL: OpenId Configuration endpoint field "authorization_endpoint"
Please refer to the JWT Signers for more detail
Once you have created the JWT Signer it can be assigned to a Authentication Policy
Comments
0 comments