Bearer tokens
Modus supports authentication via theAuthorization header in HTTP requests.
You can use the Authorization header to pass a bearer JSON Web Token (JWT) to
your Modus app. The token authenticates the user and authorize access to
resources.
To use bearer token authentication for your Modus app, be sure to set the auth
property on your endpoint to "bearer-token" in your
app manifest.
Setting verification keys
Once set, Modus verifies tokens passed in theAuthorization header of incoming
requests against the public keys you provide. To enable this verification, you
must pass the public keys using the MODUS_PEMS environment variable.
The value of the MODUS_PEMS environment variable should be a JSON object with
the public keys as key-value pairs. This is an example of how to set the
MODUS_PEMS environment variable:
When deploying your Modus app on Hypermode, the bearer token authentication is
automatically setup.
Verifying tokens
To verify the token, Modus uses the public keys passed via theMODUS_PEMS
environment variable. If the token is verifiable with any of the verification
keys provided, Modus decodes the JWT token and passes the decoded claims as an
environment variable.
Accessing claims
The decoded claims are available through theauth API in the Modus SDK.
To access the decoded claims, use the getJWTClaims() function. The function
allows the user to pass in a class to deserialize the claims into, and returns
an instance of the class with the claims.
This allows users to access the claims in the token and use them to authenticate
and authorize users in their Modus app.