https://github.com/curityio/serverless-zero-trust-vercel-api
A serverless zero trust OAuth 2.0 protected API for Vercel deployment, protected with self-contained JWTs
https://github.com/curityio/serverless-zero-trust-vercel-api
api claims code-example jwt-validation oauth2 scopes self-contained-jwt serverless vercel
Last synced: 7 months ago
JSON representation
A serverless zero trust OAuth 2.0 protected API for Vercel deployment, protected with self-contained JWTs
- Host: GitHub
- URL: https://github.com/curityio/serverless-zero-trust-vercel-api
- Owner: curityio
- License: apache-2.0
- Created: 2021-10-07T22:12:56.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2022-03-28T16:33:26.000Z (over 3 years ago)
- Last Synced: 2025-01-30T13:31:08.257Z (8 months ago)
- Topics: api, claims, code-example, jwt-validation, oauth2, scopes, self-contained-jwt, serverless, vercel
- Language: TypeScript
- Homepage: https://curity.io/resources/learn/serverless-zero-trust-api-on-vercel/
- Size: 25.4 KB
- Stars: 2
- Watchers: 5
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Serverless Zero Trust Vercel API
[](https://curity.io/resources/code-examples/status/)
[](https://curity.io/resources/code-examples/status/)
A serverless zero trust API for Vercel deployent protected with self contained JWTs
## Create Certificats
Run `createCerts.sh` to generate a certificate trust chain for testing purposes. Import the certificates in the Curity Identity Server.
## Deploy the code to Vercel
Install the Vercel client
```sh
brew install vercel-cli
```
Login to Vercel
```sh
vercel login
```
Install dependencies
```sh
npm install
```
Deploy the code to Vercel and provide the `ISS`, `AUD`, `ALG` and `CERT_LOCATION` env variables in the deploy command or configure the environment variables in the Vercel Web UI.
```sh
vercel --env ISS=https://idsvr.example.com/oauth/v2/oauth-anonymous --env AUD=www --env ALG='RS256' --env CERT_LOCATION='../certs' deploy
```
Optionally promote to production
```sh
vercel --prod
```
## Testing the code
Run a flow that obtains a JWT access token then call the Vercel deployed API. Further details in the [Securing a Serverless API on Vercel using JWTs](https://curity.io/resources/learn/serverless-zero-trust-api-on-vercel) article.
## Further Information
Please visit [curity.io](https://curity.io/) for more information about the Curity Identity Server.