Backend Integrations
AuthAction issues JWT access tokens that your backend APIs can validate using standard JWKS-based verification. This section provides integration guides for popular backend frameworks.
Available Guides
Section titled “Available Guides”- Express.js — JWT middleware with
express-jwtandjwks-rsa - NestJS — Passport JWT strategy with JWKS validation
- Spring Boot — Spring Security OAuth2 Resource Server
- Go — Gin middleware with
golang-jwtandjwx - .NET — ASP.NET Core JWT Bearer authentication
How It Works
Section titled “How It Works”- Your frontend obtains an access token from AuthAction
- The frontend sends the token in the
Authorization: Bearer <token>header - Your backend validates the token’s signature against AuthAction’s JWKS endpoint
- If valid, the request is authorized; otherwise a
401 Unauthorizedresponse is returned
All implementations validate the issuer, audience, and RS256 signature of the JWT to ensure the token is legitimate and intended for your API.