Wrap an app router API route to check that the user has a valid session. If they're not logged in the handler will return a 401 Unauthorized.
// app/protected-api/route.jsimport { withApiAuthRequired, getSession } from '@auth0/nextjs-auth0';export default withApiAuthRequired(function Protected(req) { const session = getSession(); ...}); Copy
// app/protected-api/route.jsimport { withApiAuthRequired, getSession } from '@auth0/nextjs-auth0';export default withApiAuthRequired(function Protected(req) { const session = getSession(); ...});
If you visit /protected-api without a valid session cookie, you will get a 401 response.
/protected-api
Wrap an app router API route to check that the user has a valid session. If they're not logged in the handler will return a 401 Unauthorized.
If you visit
/protected-apiwithout a valid session cookie, you will get a 401 response.