0

I am researching the feasibility of porting an existing Vue 2 app to be an Azure Static Web App (SWA). A requirement is the ability to run the Vue app locally and authenticate against our Auth0 tenant to retrieve a access/bearer token to send along with our HTTP requests.

It appears that a SWA can utilize custom authentication (Auth0), and I was able to complete that successfully by following this article. However, I'm not seeing any information around capturing the access token. There is an /.auth/me/ endpoint which has user information, but that does not contain the access token:

enter image description here

I also looked into the Azure Static Web App Emulator which allows for defining an identity profile when running locally, but I'm not seeing a way to specify an access token here either.

Is it possible at the moment with a SWA to obtain an access token using a custom auth provider when running locally and when published live?

Ryan Buening
  • 1,559
  • 2
  • 22
  • 60

1 Answers1

1

Managed Authentication in Azure is really only useful for fairly simple use cases. I think you're going to want to implement your security directly inside your Vue application.

https://auth0.com/docs/quickstart/spa/vuejs/01-login

You mentioned needing an access token but didn't say where it comes from or what you're doing with it. Are you trying to call an Auth0-secured API?

https://auth0.com/docs/quickstart/spa/vuejs/02-calling-an-api

Derek Gusoff
  • 780
  • 4
  • 6
  • Ah, interesting. I was under the impression that with Azure Static Web Apps it was **required** to utilize the provided security mechanisms. The route I was going down didn't use one of the built-in managed provided registrations. I was attempting to override that with a custom registration as described [here](https://learn.microsoft.com/en-us/azure/static-web-apps/authentication-custom). But what I think you are saying is I am able to just bypass all of that at implement a custom implementation? – Ryan Buening Aug 20 '22 at 14:35
  • 1
    Yes. I'm not familiar with the overrides but I don't see you it will allow you to request an access token. – Derek Gusoff Aug 22 '22 at 13:38