node package manager
It’s your turn. Help us improve JavaScript. Take the 2017 JavaScript Ecosystem Survey »


Bearer auth middleware

The bearer auth middleware is a generic bearer token authentication solution for webtasks. A request to a webtask configured with this middleware will be rejected with a 401 response if it lacks the correct bearer token.


To use the bearer auth middleware requires encoding a shared secret in the wt-auth-secret secret that must be specified in Authentication: Bearer <SHARED_SECRET> headers.

  1. Set the wt-node-dependencies metadata property to the stringified JSON of an object having @webtask/middleware-compiler and @webtask/bearer-auth-middleware properties whose values are the latest version of the @webtask/middleware-compiler module and this module, respectively.

  2. Set the wt-compiler metadata property on your webtask to @webtask/middleware-compiler.

  3. Set (or add to) the wt-middleware metadata property of your webtask to contain a comma-separated list containing @webtask/bearer-auth-middleware.

  4. Set the wt-auth-secret secret to a shared secret.

  5. Issue requests to your webtask, making sure that you add an Authorization header having the value: Bearer <SHARED_SECRET>.