Wrap an API route to check that the user has a valid session. If they're not logged in the handler will return a 401 Unauthorized.
// pages/api/protected-route.js import { withApiAuthRequired, getSession } from '@auth0/nextjs-auth0'; export default withApiAuthRequired(function ProtectedRoute(req, res) { const session = getSession(req, res); ... });
If you visit /api/protected-route without a valid session cookie, you will get a 401 response.
/api/protected-route
Wrap an API route to check that the user has a valid session. If they're not logged in the handler will return a 401 Unauthorized.
If you visit
/api/protected-routewithout a valid session cookie, you will get a 401 response.