Backend Integrations
AuthAction issues JWT access tokens that your backend APIs validate using standard JWKS-based verification. This section provides integration guides for popular backend frameworks.
Available Guides
Section titled “Available Guides”- Express.js: JWT middleware with
express-jwtandjwks-rsa - NestJS: Passport JWT strategy with JWKS validation
- Spring Boot: Spring Security OAuth2 Resource Server
- Go: Gin middleware with
golang-jwtandjwx - .NET: ASP.NET Core JWT Bearer authentication
How It Works
Section titled “How It Works”- Your frontend obtains an access token from AuthAction
- The frontend sends the token in the
Authorization: Bearer <token>header - Your backend validates the token’s signature against AuthAction’s JWKS endpoint
- If valid, the request is authorized; otherwise a
401 Unauthorizedresponse is returned
All implementations validate the issuer, audience, and RS256 signature of the JWT to ensure the token is legitimate and intended for your API.