Authenticating client requests

thinkmorestupidless · June 1, 2022, 6:08am

quick question about suggested/intended patterns for authentication of client requests…

if i’m using OAuth to secure my client requests (and to identify the user making requests and authorise them) is that something that Kalix can support? Or should it be done elsewhere (e.g. an API Gateway sitting in front of the Kalix backend services?

for instance, if i’m using Auth0 i can have my users sign-up and login on the client side application and configure callbacks into the Kalix service(s) to create the users there, but when those clients make calls to the backend to interact with my application can i, in Kalix services, get the token from the header, validate it, etc?

jroper · June 1, 2022, 2:58pm

We would recommend using Kalix’s JWT support for this:

In such a setup, you would have Auth0 issue JWT based access tokens, as described here:

You can then configure the Auth0 JWT signing key to be trusted by Kalix, and then submit the Auth0 issued tokens as a bearer token, and Kalix will validate it and be able to authenticate the user.

thinkmorestupidless · June 1, 2022, 3:21pm

That’s excellent news, thanks James i’ll take a look at the documentation more closely

T

maristi · November 18, 2022, 1:46am

Hi, T, did you get this working? I’m struggling with it now, mind taking a look at my post?

Topic		Replies	Views
Struggling with authentication	3	279	November 19, 2022
How to access request client ip?	5	679	November 29, 2022
Kalix CLI login issue with SSL Proxy	12	995	December 5, 2023
Pass metadata to Kalix service from Play	2	386	April 20, 2023
Pass metadata to grpc client in integration tests	7	420	March 20, 2023

Authenticating client requests

Related topics