auth0-fastapi-api

Official

Protect FastAPI APIs with Auth0 JWT validation

Author: auth0
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

Secure FastAPI API endpoints by validating Auth0-issued access tokens, enforcing scopes and permissions, and supporting DPoP proof-of-possession so that replayed and misbound tokens are rejected. The guidance reduces common mistakes such as hardcoding the domain or audience, parsing JWTs manually, and using ID tokens for API authorization.

Core Features & Use Cases

  • Token validation and claims: Verifies issuer, audience, and signature (via JWKS), and returns the decoded claims for use in handlers.
  • Scope and permission checks: Enforces required scopes on routes through the require_auth dependency, which returns 403 when a required scope is missing.
  • DPoP support and proxy handling: Accepts or requires DPoP-bound tokens, includes timing/leeway configuration, and documents the proxy trust configuration needed for correct DPoP validation.
  • Use case: Protect a messages API so that only SPA clients with access tokens containing read:messages can retrieve messages while rejecting expired or misbound tokens.

Quick Start

Install the package, set AUTH0_DOMAIN and AUTH0_AUDIENCE in your environment, create an Auth0 API resource, and add an Auth0FastAPI instance with require_auth() to protect your route.

Dependency Matrix

Required Modules

None required

Components

references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: auth0-fastapi-api
Download link: https://github.com/auth0/agent-skills/archive/main.zip#auth0-fastapi-api

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.