Protect your API on Python
Last updated
Last updated
For demonstration, we use the Flask app and package to create the require_auth decorator to validate the token's signature, expiration status, and required claims.
You will need a JWK public key set and the token issuer to verify the signature and source of the received JWS token. All the public Auth Authorization Configurations can be found at https://your-auth-domain/.well-known/openid-configuration.
e.g. Call https://nightly-accounts-api.complyment.com/.well-known/openid-configuration. And locate the following two fields in the response body: