I've got a question about JWTs. I'm using NextJS i...
# support-questionso
oldhack
11/28/2022, 5:31 PMI've got a question about JWTs. I'm using NextJS integration with sessions and JWTs. I have another service (on another domain) I would like to be able to make authenticated API requests to. Could I just pass the JWT in a header to that other service and verify the JWT against the nextjs JWKS endpoint? You folks are the auth experts, is this ok? Not ok? Hard? Easy? Stupid?
r
rp
11/28/2022, 6:02 PMhey @oldhack
rp
11/28/2022, 6:02 PMyea absolutely! that works well.
o
oldhack
11/28/2022, 6:03 PM🙌
oldhack
11/28/2022, 6:04 PMJust a q, is this middleware something that would be useful in supertokens-node? Or is it really a "you could do it this way, but we don't want to particularly endorse it"
r
rp
11/28/2022, 6:05 PM> is this middleware something that would be useful in supertokens-node?
What do you mean?
o
oldhack
11/28/2022, 6:18 PMI see supertokesn-node has verifySession middleware in supertokens-node, but there's no verifyToken or verifyJWT middleware. Would it be useful? Honestly, I'm loving supertokens so much, I'm angling to contribute in any way I can
r
rp
11/29/2022, 5:43 AMthere is no such middleware at the moment, but we are working on it soon.
Essentially have a version of getSession which takes the access token as an input
2 Views