0

I plan to use Auth0 as my authentication service, and I'd like to know if Auth0 ID_Token, returned from Auth0 in Step 1, can be used as a unique ID for a user (i.e., it won't change during the whole life cycle of a registered user for my app).

enter image description here

In the above diagram, Action 3 will post an article (e.g, blog entry) to my app. And the app needs to be able to

  1. show who published a particular article;
  2. a user should be able to find out all the articles that she published.

Here are my questions:

  1. Will the ID_Token from Auth0 always been same for a user, so that I can use that as my user_id?
  2. If the answer to the above question is yes, how can Step 3 (post the article Restful call) carry such a token so that my Table_Article is able to use such an ID as a field?
  3. Do I need maintain a Table_User in my DynamoDB on my AWS service side?
chen
  • 4,302
  • 6
  • 41
  • 70
  • This question http://stackoverflow.com/questions/40695511/choosing-user-id-in-application-that-relies-on-auth0-for-facebook-authentication answered my Question 1, i.e., there exist a unique ID from Auth0 that I can treat as user_id within my app. Still need answers to my question 2 and 3. – chen May 02 '17 at 18:36
  • For question 3, the OP of this question http://stackoverflow.com/questions/38626438/using-auth0-user-id-for-database seemed to choose not to maintain a table on his service side. But I'd like to understand whether that's a sound decision for the above scenario. – chen May 02 '17 at 18:46
  • You can pass the token in a header field which can then be passed on to the Lambda function if auth succeeds. – Ritisha - AWS May 04 '17 at 23:31
  • 1
    For your use-case, you can consider using [Cognito User Pools](http://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html), which will pass all the identity information in the JWT itself. API Gateway provides first-part support for Cognito User Pools. – Ritisha - AWS May 04 '17 at 23:31
  • @Ritisha-AWS, is there an example code repo or tutorial for react developer to follow toward this route? thanks! – chen May 06 '17 at 18:00
  • 1
    @chen Cognito user pools has a code repo with an example in react https://github.com/aws/amazon-cognito-identity-js/tree/master/examples/babel-webpack. There is a npm package for easy integration too https://www.npmjs.com/package/react-cognito – Abhigna Nagaraja May 14 '17 at 20:02
  • @Ritisha-AWS, thanks for the link. It only shows the client (browser) side of logic. What should I do on the API-Gateway side (I guess I need to configure something, such as authentication lambda)? – chen May 17 '17 at 07:23

0 Answers0