I am currently using apollo with express. Now I want to add auth0 to the resolvers but could not find docs about it (altought, graphcool is using it). Normally, you do the following in node:
const checkJwt = jwt({
// Dynamically provide a signing key
// based on the kid in the header and
// the singing keys provided by the JWKS endpoint.
secret: jwksRsa.expressJwtSecret({
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 5,
jwksUri: `https://YOUR_AUTH0_DOMAIN/.well-known/jwks.json`
}),
// Validate the audience and the issuer.
audience: '{YOUR_API_IDENTIFIER}',
issuer: `https://YOUR_AUTH0_DOMAIN/`,
algorithms: ['RS256']
});
then you add:
app.use(checkJwt)
and your api's roots are secured waiting for the access_token
.
How can I set up apollo server - express with this?
You can add checkJwt before Apollo Server. An example:
In this example, decoded token is passed to resolvers in the context.