Forum Discussion

kbcb's avatar
kbcb
New Contributor
6 years ago

OAuth via Auth0 with a JWT

My application's UI authenticates with Auth0 and sends a JWT with each request to my server in the Authorization header.

How do I achieve this behavior with swagger ui? I am hosting my Swagger UI using the swagger-ui-express node.js module. 

I am able to get Swagger UI to authenticate with Auth0 using the following security definition:

securityDefinitions:
  auth0:
    type: oauth2
    flow: authorizationCode
    authorizationUrl: https://XXX.auth0.com/authorize
    tokenUrl: https://XXX.auth0.com/oauth/token
    scopes: {}

And swagger even passes a value in the Authorization (bearer) header of my requests.. But, the bearer token does not appear to be a JWT, which my server is expecting.

Swagger UI
  • nmrao's avatar
    nmrao
    Champion Level 3
    6 years ago
    Not sure if this helps!

    How do I test the service if no Swagger UI?
    Alternatives SoapUI or Postman or write code to test, I can think of where you can generate JWT token and pass it as header parameter.
    • kbcb's avatar
      kbcb
      New Contributor
      6 years ago
      This did not end up helping me. It seems this is a fundamental flaw with swagger-ui and I just need to wait for them to support more oauth methods.
      • kyleshockey's avatar
        kyleshockey
        SmartBear Alumni (Retired)
        6 years ago

        kbcb, are you sure your Auth0 instance is configured to hand back an Access Token as a JWT?

         

        Swagger UI just uses token that it is given by the tokenUrl, so this is probably an issue with your auth provider.

  • _blee_'s avatar
    _blee_
    New Member
    6 years ago

    kbcb 

     

    I hope this reply isn't too late! but your only problem is that you didn't specify scope, so it returns an opaque token.  Use "openid" at the very least for scope, and you will be returned the proper token.

     

    /blee/