simple online nosql database database with REST API and MongoDB queries
  • Features
  • Docs
  • Blog
  • Templates
  • Pricing
  • Contact
  • Sign Up
  • Log In

Blog

 The latest news and articles about restdb.io  

Database templates!
Don't forget to visit our template catalog! It's the fastest way to get up and running with a restdb.io database. View templates »

You shall not pass - without a JSON Web Token

by Jon Erik Solheim
|
User|Howto|API|
  • Share on Facebook
  • Tweet
  • Add to Pocket
  • Share on LinkedIn
  • Send email

Accessing cloud data sources from JavaScript using AJAX and JSON is at the core of so many applications. There are several complicated approaches and there is JSON Web Tokens.

Thousands of developers have chosen to run their Authentication and Backends from cloud providers for one reason. Simplicity.

Enter JSON Web Tokens, Auth0 and restdb.io. Auth0 lets you set up a world class authentication system in front of your application - in 10 minutes. By using the JSON Web Tokens and the JavaScript API from restdb.io, your data API is easily protected.

After all, your application needs 100% of your attention on the core features, which is everything that happens between authentication and the data store.

You'll find a link to a working application example at the end of this article.
In this example we use the Auth0 lock component in front of our application. This covers both sign up and sign in to our application. Read more about how to authenticate using Auth0. The screen shot below shows how the awesome Auth0 lock dialog looks like.


The code for invoking the Lock dialog is shown below.
 
var lock = new Auth0Lock(AUTH0_CLIENT_ID, AUTH0_DOMAIN, {
    auth: {
    params: { scope: 'openid email' } //Details: https://auth0.com/docs/scopes
    }
});
...
lock.show();
 The scope parameter is important to make sure that we get the user email address.

On a successful authentication, the Lock object fires an event with a user profile and the essential JSON Web Token (JWT). We use the JWT to log in to our restdb.io backend database by simply providing the JWT in the constructor. 

lock.on("authenticated", function(authResult) {
    lock.getProfile(authResult.idToken, function(error, profile) {
        if (error) {
            // Handle error
            return;
        }
        // log in to our database using JWT token
        if (!db) {
            db = new restdb(authResult.idToken, {"logging": false, "jwt": true});
        }
        localStorage.setItem('id_token', authResult.idToken);
        // Display user information
        show_profile_info(profile);
    });
});

Now that we have an authenticated user and a session to our database, lets query for some data records from the "products" collection: 

var query = {}; // all
var hint = {"$max": 10}; // first 10 only
db.product.find(query, hint, function(err, productlist){
    // productlist is an array of product objects ...
}

Creating objects and saving it to the database is just as simple:

 
var p = new db.product({name: "from jsapi"});
p.save();

Getting and deleting stuff is a walk-in-the-park as well :)

db.product.getById("5662d2d7632700720000008c", function(err, res){
  var nukem = new db.product(res);
  nukem.delete();
});

Basically, it's really simple to secure your API from anonymous access.

This blog post has shown how you can:
  • Create a Auth0 client for your application
  • Grab the JWT from the Lock dialog
  • Use the JWT to log in to your database

Don't forget to visit this link to a working application example: https://www-websitedemo-4db9.restdb.io/auth0-demo.

Resources 


Read more about restdb.io in the docs here: https://restdb.io/docs
Learn more about Auth0 here: https://auth0.com
Learn more about JWT here: https://jwt.io
  • Share on Facebook
  • Tweet
  • Add to Pocket
  • Share on LinkedIn
  • Send email

All Posts


Search

Topics

  • API
  • Authentication
  • Case study
  • Features
  • Howto
  • Integrations
  • Newsletter
  • Productivity
  • Prototyping
  • Tutorials
  • User

restdb.io is a fast and simple NoSQL cloud database service. With restdb.io you get schema, relations, REST API and an efficient multi-user admin UI for working with data.

Our customers use it for backends, business databases, API-first CMS, data collection and much more. It is easy to get started with the free development plan.

Start Building »

  • Site Links
  • Home Page
  • About Us
  • Contact
  • Blog
  • Templates Catalog
  • Cloud Service
  • Features
  • Pricing
  • Terms & Conditions
  • Privacy Policy
  • Sign Up »
  • Documentation
  • Overview
  • Getting Started
  • Coding against the API
  • Utils
  • Security and Admin
© 2025 restdb.io