
In Couchbase Sync Gateway, how to make sure OpenID implicit flow works?

I'm working on an application using OpenID Connect implicit flow with Auth0 as the provider. I'm already able to get the JWT token from Auth0, and now want to start a session in Couchbase Sync Gateway.

For that, I do a POST to /{db}/_session, which returns a cookie with a SyncGatewaySession id. From what I understand, this should be associated with a user in the Sync Gateway web interface... However, I see no user created.

So, is there a way to see which user I use for replication?

Or a way to make sure my JWT token is correctly read by Sync Gateway?

EDIT: When I disable the GUEST user by setting the following in my config file,

        "users": {
            "GUEST": {
                "disabled": true,
                "admin_channels": [
                    "*"
                ]
            }
        }

my OpenID user doesn't seem to access sync. I guess it means I use the GUEST user unknowingly.

So, how can I have my OpenID user created as a distinct user from the GUEST one?

asked May 23 '17 10:05

Riduidel


1 Answer

There are errors (and missing points) in the Couchbase Sync Gateway documentation for OpenID Connect implicit flow.

  1. The ID token MUST USE the RS256 encoding algorithm.
  2. The public key used by the JWT provider must be used as validation_key defined in the Sync Gateway config file.
  3. To obtain a session, the JWT must be set as a POST header with the key Authorization and the value prefix Bearer.
  4. Then, to have users automatically created, the property register must be set to true in the config file.

With all those errors corrected, I finally had my users and sessions correctly created, and my Couchbase Lite data correctly replicated, even when users initially didn't exist.

answered Jan 03 '23 22:01

Riduidel
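
A pre-flight check for points 1 and 3 of the answer above, added here as an example (it is not code from the original post or from Couchbase): it confirms that the ID token's header declares RS256 and that the token has not expired, then builds the POST /{db}/_session request with the Authorization: Bearer header without sending it. The base URL, database name and sample claims are constructed, and the signature is not checked here, since that needs the provider's public key.

```python
import base64
import json
import time
import urllib.request


def _b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64url(segment):
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def constructed_token(alg, exp):
    """Sample token for the demo: constructed claims, placeholder signature."""
    parts = [{"alg": alg, "typ": "JWT"},
             {"iss": "https://tenant.example/", "sub": "sample|user", "exp": exp}]
    body = ".".join(_b64url(json.dumps(p).encode()) for p in parts)
    return body + "." + _b64url(b"placeholder-signature")


def preflight(id_token, now=None):
    """Return the problems visible without the key: shape, alg, expiry."""
    now = time.time() if now is None else now
    parts = id_token.split(".")
    if len(parts) != 3:
        return ["not a compact JWT (header.payload.signature)"]
    try:
        header, claims = (json.loads(_unb64url(p)) for p in parts[:2])
        alg, exp = header.get("alg"), claims.get("exp")
    except (ValueError, AttributeError):
        return ["header or payload is not a base64url-encoded JSON object"]
    problems = []
    if alg != "RS256":
        problems.append("alg is %r, expected 'RS256'" % (alg,))
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("token is expired or has no numeric exp claim")
    return problems


def session_request(base_url, db, id_token):
    """Build, without sending, POST /{db}/_session carrying the bearer token."""
    problems = preflight(id_token)
    if problems:
        raise ValueError("; ".join(problems))
    url = "%s/%s/_session" % (base_url.rstrip("/"), db)
    return urllib.request.Request(url, data=b"", method="POST",
                                  headers={"Authorization": "Bearer " + id_token})
```

Pass the returned request to `urllib.request.urlopen` to send it; the session cookie comes back in the response headers.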