Hi guys, I have a doubt about how I integrate Prisma with Auth0. - Frontend redirect to Auth0 login page, user do the auth - Auth0 redirect with the JWT token to Frontend - Frontend make a call to prisma with the JWT - Prisma receive the token and here is the question How the prisma server validate this JWT of auth0? Thanks guys!

here's an example: https://github.com/LawJolla/prisma-auth0-example

Thanks @Bro

Hi @Philippe, to answer your question, if your server is using RS256 like in my example (and it should -- much more secure than synchronous HS256.. you can read more about it at Auth0), your server verifies that the token was signed by your Auth0 API

@lawjolla I saw waht you did on your code, you get the auth0 public key and verify the token signature right?

Yes. Auth0 rotates the public keys through the .well-known.json file

Oh, he do a rotate then?

Yes, they rotate them on their own. If you use their middleware package, it maintains a cache and refetches at a set interval that you can control

Got it

It can be frustrating to set up, but I really like it once it works.

Do you have a video developing that code?

No I don't, but I'm happy to answer any questions about it. I'll be updating it at some point this month too to include a few new features

Nice, thanks for your help! 😄

Absolutely! Good look and fire back with any questions. That boilerplate has had a good number of people go through it, so I'm confident in the code. I think the hard part is setting up your Auth0 console. The boilerplate assumes you're good at the console. If you run into issues, assume there's some mismatch between the console settings and/or your environment variables