There doesn't seem to be a lot of help around this online, thank you for your post.
I have a question around verifying the token, I am using NodeJS.
I am able to get the User information out of 'X-Apigateway-Api-Userinfo' - I am not sure if I need to use the Admin SDK to verify this Token, or whether I now just pull out the information, like you do, and trust the token has been verified - is that right?
Yea, you should be able to pull the base64 encoded token straight from X-Apigateway-Api-Userinfo. Once you grab the header you should be to do base64 decode on it and it will have the correct json stucture
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
There doesn't seem to be a lot of help around this online, thank you for your post.
I have a question around verifying the token, I am using NodeJS.
I am able to get the User information out of 'X-Apigateway-Api-Userinfo' - I am not sure if I need to use the Admin SDK to verify this Token, or whether I now just pull out the information, like you do, and trust the token has been verified - is that right?
Yea, you should be able to pull the base64 encoded token straight from X-Apigateway-Api-Userinfo. Once you grab the header you should be to do base64 decode on it and it will have the correct json stucture