Angular Security

Warning

Cyber threats and security are a top priority at the lab. Determining your implementation case should depend highly on the level of sensitive data. The more sensitive the data the more you need to include JAX Security.

In our applications, if you require user persistence and token-based authentication we opt to use a basic implementation of Auth0.

Identity and Access Management (IAM) basics

The Auth0 Angular SDK is the simplest way to implement security for your client applications. This requires you to make an Auth0 account and set up an application. Please reach out to our Auth0 admins to get set up with The Jackson Laboratory Tenant.

• Alexander Berger
• John Bluis
• Jake Emerson
• Michael Gargano

Some frequently asked questions

Do I need to make a client application for each environment?

It depends on your users. Does it matter that the same users could have access to both development and production? Is data highly dependent on different user. Remember to keep it simple at first and increase complexity if neccessary.

My request don't have tokens attached whats up?

Check your configuration. Specifically the allowedList should specify your URL.

// Specify configuration for the interceptor              
httpInterceptor: {
    allowedList: [
     {
            // Match any request that starts 'https://{yourDomain}/api/v2/' (note the asterisk)
            uri: 'https://{yourDomain}/api/v2/*',
     }
    ]
}

What else needs to be done?

Your API should be verifying the token passed and storing metadata if necessary. See calling an API