Wrap a page router API route to check that the user has a valid session. If they're not logged in the handler will return a 401 Unauthorized.
// pages/api/protected-route.jsimport { withApiAuthRequired, getSession } from '@auth0/nextjs-auth0';export default withApiAuthRequired(function ProtectedRoute(req, res) { const session = getSession(req, res); ...}); Copy
// pages/api/protected-route.jsimport { withApiAuthRequired, getSession } from '@auth0/nextjs-auth0';export default withApiAuthRequired(function ProtectedRoute(req, res) { const session = getSession(req, res); ...});
If you visit /api/protected-route without a valid session cookie, you will get a 401 response.
/api/protected-route
Wrap a page router API route to check that the user has a valid session. If they're not logged in the handler will return a 401 Unauthorized.
If you visit
/api/protected-routewithout a valid session cookie, you will get a 401 response.