Skip to content

Auth Example

Demonstrates authentication and authorization using @venturekit/auth.

Source: examples/auth/

Key Concepts Demonstrated

Cognito integration via auth infrastructure intents
OAuth scopes defined in security config, enforced in handlers
Role-based access control — roles that map to sets of scopes
Scope checking utilities — hasScope, hasAnyScope, getScopesForRoles
JWT utilities — decodeToken, extractUserFromToken, isTokenExpired
User context — ctx.user.id, ctx.user.email, ctx.user.scopes
Admin-only endpoints — restricted to admin.users scope

Endpoints

Route	Auth	Description
`GET /me`	`users.read`	Current user profile
`GET /admin/users`	`admin.users`	Admin-only user list
`POST /auth/verify-token`	Public	Decode a JWT
`POST /auth/check-roles`	Public	Check role permissions

Roles

const roles = [
  { name: 'viewer', scopes: ['users.read'] },
  { name: 'member', scopes: ['users.read', 'users.write'] },
  { name: 'admin', scopes: ['users.read', 'users.write', 'admin.users'], isSystem: true },
];

Run It

cd examples/auth
npm install
vk dev

curl -H "Authorization: Bearer <token>" http://localhost:3000/me