Bearer token generation and validation Mendix REST API

Hello, I have been building an API.​​​​​ Now, I want to make it more secure but I don't want to use authentication based on username and password. I want to use Bearer token authentication, meaning a custom one. However, I am very much unsure about how to do this since I don't know how to generate those tokens and validate them inside the custom microflow. I am much unfamilliar with how to integrate this functionality with the mendix platform.    If anyone has any resources on this please let me know. Thanks, Marcian,
1 answers

Hi Marcian,


I would not build an identity provider. There are ready solutions out there (Auth0, Azure Active Directory). If you use one, you get rid of the token generation problem and only have to take care of validating received tokens on server side. There are some items in marketplace which should help, like


* OAuth 2.0 SSO Demo:

* JWT module:

* OAuth module:


Hope that helps!


Kind regards,