Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/curityio/serverless-zero-trust-vercel-api

A serverless zero trust OAuth 2.0 protected API for Vercel deployment, protected with self-contained JWTs
https://github.com/curityio/serverless-zero-trust-vercel-api

api claims code-example jwt-validation oauth2 scopes self-contained-jwt serverless vercel

Last synced: about 2 months ago
JSON representation

A serverless zero trust OAuth 2.0 protected API for Vercel deployment, protected with self-contained JWTs

Host: GitHub
URL: https://github.com/curityio/serverless-zero-trust-vercel-api
Owner: curityio
License: apache-2.0
Created: 2021-10-07T22:12:56.000Z (over 3 years ago)
Default Branch: main
Last Pushed: 2022-03-28T16:33:26.000Z (almost 3 years ago)
Last Synced: 2023-12-07T23:28:32.330Z (about 1 year ago)
Topics: api, claims, code-example, jwt-validation, oauth2, scopes, self-contained-jwt, serverless, vercel
Language: TypeScript
Homepage: https://curity.io/resources/learn/serverless-zero-trust-api-on-vercel/
Size: 25.4 KB
Stars: 1
Watchers: 5
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Serverless Zero Trust Vercel API

[![Quality](https://img.shields.io/badge/quality-experiment-red)](https://curity.io/resources/code-examples/status/)
[![Availability](https://img.shields.io/badge/availability-source-blue)](https://curity.io/resources/code-examples/status/)

A serverless zero trust API for Vercel deployent protected with self contained JWTs

## Create Certificats

Run `createCerts.sh` to generate a certificate trust chain for testing purposes. Import the certificates in the Curity Identity Server.

## Deploy the code to Vercel

Install the Vercel client
```sh
brew install vercel-cli
```

Install dependencies
```sh
npm install
```

Deploy the code to Vercel and provide the `ISS`, `AUD`, `ALG` and `CERT_LOCATION` env variables in the deploy command or configure the environment variables in the Vercel Web UI.
```sh
vercel --env ISS=https://idsvr.example.com/oauth/v2/oauth-anonymous --env AUD=www --env ALG='RS256' --env CERT_LOCATION='../certs' deploy
```

Optionally promote to production
```sh
vercel --prod
```

## Testing the code
Run a flow that obtains a JWT access token then call the Vercel deployed API. Further details in the [Securing a Serverless API on Vercel using JWTs](https://curity.io/resources/learn/serverless-zero-trust-api-on-vercel) article.

## Further Information

Please visit [curity.io](https://curity.io/) for more information about the Curity Identity Server.