next.jsauth0

Auth0 Nextjs to Protected Api


I have set up nextjs with auth0. I want to protect an api and use the access token for connecting to auth0 in clientside and serverside api calls.

I want api routes such as Examples/Me

Where in the api i will be able to get the auth0 id from the token.

Is this possible? I can only find documentation on client credentials flow / machine to machine....

How can i specify the audience in my nextjs app?

Alternatively can anyone reccomend an alternative solution? Other than azure b2c... im sick of that!


Solution

  • Figured it out...

    Needed to amend this file app/api/auth/[auth0]/route.ts

    export const GET = handleAuth({
      login: handleLogin({
        authorizationParams: {
          audience: "https://audience", 
          scope: "openid profile email offline_access",
        },
      }),
    });