The Zuplo Identity Token is a new feature that allows developers to create a JWT token that uniquely and securely identifies their Zuplo API. This token can be used to authenticate downstream services or third-party APIs, enabling secure communication between services without the need for additional authentication mechanisms or sharing of sensitive credentials.
The Zuplo Identity Token is a JSON Web Token (JWT) that contains information about the Zuplo API that it represents. This token is signed by Zuplo and can be verified by downstream services or third-party APIs to ensure its authenticity and integrity.
The token contains claims for the Zuplo account, project, and deployment
that can be used to uniquely identify the API and its associated resources. See
the
Zuplo Identity Token documentation
for more information.
Using the Token#
Developers can access the Zuplo Identity Token in their code by calling the
ZuploServices API. A custom audience can be provided to the token to ensure
that it is only usable by the intended downstream service. Multiple tokens with
different audiences can be created and caching is managed by Zuplo to ensure
high performance.
import { ZuploServices, ZuploContext, ZuploRequest } from "@zuplo/runtime";
export default async function handler(
request: ZuploRequeset,
context: ZuploContext,
) {
const idToken = await ZuploServices.getIDToken(context, {
audience: "https://my-api.example.com",
});
const response = await fetch("https://my-api.example.com", {
headers: {
Authorization: `Bearer ${idToken}`,
},
});
}