I want to build a custom, external api to display some stats that are tied to the users’ accounts. I can keep track of the users through webhooks, but how do I allow them to access their own data securely?
To sum it up: How can I use ghost’s internal authentication with an external application?
I am having trouble with this part, I found ./versions/5.34.0/core/server/web/well-known.js which has the jwks.json route wellKnownApp.get('/jwks.json', cache, async (req, res) => , but I can’t seem to get it to respond with anything other than a 404. Is there some change I need to make? I did notice anything on the /members/.well-known/ path returns an nginx 404 instead of one from ghost. Search · jwks.json · GitHub This was somewhat useful, it seems I might have some sort of installation issue as the routes listed don’t function on my server. I tested on a public installation of ghost and it worked fine so it must be an issue with my nginx I think.