Authentication with 3rd party service for gated content

Before serving /gated-page.html, inside a Netlify function, I want to make sure that a user’s provided authentication token can be verified by a 3rd party service. The 3rd party exposes an API, so it’s just a matter of calling the 3rd party’s API and using the response to continue with serving /gated-page.html.

So basically trying to implement a flow that looks like this:

  • user attempts to access /gated-page.html
  • Netlify function reads user’s authentication token
  • Netlify function calls 3rd party service and waits for successful response
  • on successful response, user can proceed to access /gated-page.html

Netlify Identity isn’t ideal since the 3rd party service deals with user management. OAuth may work, but it appears only GitHub, GitLab, and Bitbucket are supported. JWT tokens wouldn’t work as the auth token needs to be verified with the 3rd party in real-time (stateful auth). Also read through these strategies for authenticating Netlify functions, but these are for authenticating Netlify functions and not actual pages on the site. And also read through the Routing section of the documentation, which doesn’t appear to allow executing a Netlify function before serving a page.

I’ve thought about just setting up an express server to serve static files, but wondering if there is a simpler way to achieve this/if I’m misunderstanding something.

Hi @j-berman, welcome to the Netlify Forums!

Right now, there isn’t a way to do what you want to do. However, Edge Handlers should be able to do what you describe instead of a regular Netlify Function. The caveat is that it isn’t out yet.

1 Like

Thanks @Dennis :slight_smile:

One additional caveat I noticed with Edge Handlers is that they have an execution time limit of 50ms, so would need to contact sales to get that increased for this use case.

Appreciate the pointer!

1 Like

No problem. Sorry there isn’t a workaround I’m aware off in the meantime.