Skip to content

Latest commit

 

History

History
58 lines (37 loc) · 4.71 KB

README.md

File metadata and controls

58 lines (37 loc) · 4.71 KB

Lab: Add Authorization to Your API with Okta FGA and Auth0

Move authorization outside of your application code to a single solution! Design fine-grained models that are centralized, flexible, fast, scalable, and testable.

This Okta Training hands-on lab walks you adding authorization to an API using Okta FGA. You’ll add authorization to an API that we provide you with and register the associated client web application with Auth0 as an identity provider.

The application is a simplified Google Drive-style application to demonstrate how to use Okta FGA to handle fine-grained authorization (FGA) on a per-resource level.

A user can log in, add files (pictures only), and create folders. Uploaded files are only visible to a user by default. They can choose to either share a file directly with other users or share folders (or subfolders), and all files contained within them will be shared automatically. Files can be shared with other users available in the Auth0 tenant; the application will look for them based on their email address.


How to Get Started with this Lab

Create Required Free Accounts

  1. A GitHub account with Codespaces access (you can use the free plan, which gives you 60 hours of use per month). Create a free account here if you do not already have one.

    ⚠️ Note to internal Okta employees: Do NOT use your EMU (Enterprise-managed user) account since Codespaces are disabled.

  2. An Auth0 account: You'll also need an Auth0 account. You should use a new account for our labs so that you have a fresh tenant. Register for one here.

Accessing and Working with Auth0 Labs

  1. After logging into GitHub, open the lab repo in a Codespace: From the Code dropdown menu of this branch, toggle to the Codespaces tab. Click the plus sign to create and open the lab in a Codespace. A new tab will open, and Codespaces will begin configuring the lab environment. Wait for the environment to finish building.
  2. Begin working with the lab: Once the environment is ready you'll see a Codetour popup with instructions for connecting the lab to your Auth0 account. This can take some time, as the environment is installing several extensions and libraries to facilitate the lab. Once it is complete, you can open the Codetour to view all steps using the panel in the lower right. At this point, you should follow the remainder of the instructions within Codetour!

Notes:

  • If you'd like to save your work to your own fork: You can commit and push your changes to a fork of this repo. (See: Using Source Control in Your Codespace).
  • Close the Codespace when you're finished with the lab: Codespaces come with a set amount of free usage. To avoid using all of your free use allocation, be sure to return to the forked repo, select the "Code" dropdown, select the dots next to your open Codespace, and select "Delete." This will not delete your forked repository. You can keep that forever, and open a new Codespace whenever you like.
  • Questions? Check out our Lab FAQs!

What is Auth0?


Auth0 helps you to:

  • Add authentication with multiple authentication sources, either social like Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, among others, or enterprise identity systems like Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider.
  • Add authentication through more traditional username/password databases.
  • Add support for linking different user accounts with the same user.
  • Support for generating signed JSON Web Tokens to call your APIs and flow the user identity securely.
  • Analytics of how, when, and where users are logging in.
  • Pull data from other sources and add it to the user profile, through JavaScript rules.

Issue Reporting


If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

Author


Auth0

License


This project is licensed under the MIT license. See the LICENSE file for more info.