4

I have an own OAuth2 provider where you can ask for a token and validate it. I want to protect my REST API (resource server) with OAuth2, so, in every single request, the access token must be validated, against OAuth2 server.

I have been doing this validation in the REST API code itself, by intercepting every request and doing another request to OAuth2 server.

I wonder if there is any way to do it in the Nginx server instead of in the REST API. This way, it would be easier to setup in another REST API, instead of copy/paste the code (or share a library).

Maybe, should I create my own nginx module? Or running an script in every request? If so, how can I do it?

Any advice will be appreciated.

Improve this question

1 Answer 1

Reset to default
7

Yes, you can use the auth-request module in nginx.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.