Skip to main content

One doc tagged with "api"

View All Tags

JWT Verification Starter

Verify JWTs three ways - against a provider's JWKS (Auth0, Clerk, Cognito, Firebase), a static PEM public key, or an HS256 shared secret - then protect a real per-user Postgres resource scoped to the token's sub claim. Reference endpoints for every is_valid_jwt mode plus a working, owner-scoped notes API and a one-call multi:true migration.