[Guardian] Create machine to machine token

pedropeixoto · April 26, 2021, 9:06pm

Hello!

I have Guardian fully working for my Phoenix API app. I have protected some endpoints behind authentication, and so far so good.

Now I need to protect endpoint for machine to machine use only. I have some cloud functions running on GCP that need to post some data to the API, but these endpoints shouldn’t be accessible by anyone but that cloud function. How would I do that with Guardian/Phoenix?

Thank you!

Exadra37 · April 26, 2021, 9:59pm

I would use pure Phoenix tokens for that:

https://hexdocs.pm/phoenix/Phoenix.Token.html

iex> client_id = 1

iex> token = Phoenix.Token.sign(MyApp.Endpoint, "client_token", client_id)

iex> Phoenix.Token.verify(MyApp.Endpoint, "client_token", token)
{:ok, 1}

pedropeixoto · April 27, 2021, 8:15am

This is great, very simple. Thank you!