Serverless Token Validation Using PubNub Functions and Vault

3 min read Adam Bavosa on Mar 26, 2018
Try PubNub Today

Free up to 1MM monthly messages. No credit card required.

Subscribe to our newsletter

By submitting this form, you are agreeing to our Terms and Conditions and Privacy Policy.

Validate tokens using PubNub Functions: a serverless, autoscaling, microservice platform. Deploy globally in under 5 minutes with JavaScript and PubNub.

PubNub Functions allow a developer to deploy a service that is infinitely scalable in just a few minutes. All you need is a PubNub account, a little bit of Node.js knowledge along with request and response code ability, and you’re ready to begin writing code.

Token Validation

Web applications that use authentication need to have a pattern implemented to make sure that every request a user makes is valid and authentic. A common method of verifying identity is keeping a token in your back-end database, and issuing it only when a user has properly provided their secret credentials.

Every time the authenticated user makes a subsequent request to your application, they must provide this token, which only their device and your database know. We can use PubNub Functions as our back-end application and database, thanks to Node.js and the Vault module.

PubNub Functions

Functions execute on an in-transit PubNub message, allowing the developer to do some magic in the middle. The On Request event handler turns PubNub functions into your own HTTP server that handles a basic task. You can use the architectural term: microservice.

In this instance, we are storing a secret token, one that we wish to hide in the cloud. Let’s say we need to create a service that validates a client’s token, to make sure they are using the right one. This very simple demo shows how to build and deploy this service in under 5 minutes.

Check out the Functions quickstart tutorial to learn how to submit your code with the deploy button in the PubNub Admin Dashboard.

export default (request, response) => {
  const vault = require('vault');
  let paramsObject = request.params;
  return vault.get('myToken').then((token) => {
    if (paramsObject.token === token) {
      response.status = 200;
      return response.send();
    } else {
      response.status = 400;
    return response.send();
  }).catch((err) => {
    response.status = 500;
    return response.send();

Above we have the event handler code to verify a user’s token on request. Before we deploy the code, we should set the secret token inside of Functions dev environment. These are keys and values that are kept safe and secure, and can only be accessed from the event handler code using Vault.

Set Vault


Click on the My Secrets button on the left-hand side of the window and input your key and value for your token.

Test Payload

Next, we can use the Test Payload with the proper URI to check that our service sends the correct response codes. Copy the URL for the server using the COPY URL Button on the left side of the functions dev environment.

Hit the play button on the right to deploy this service globally in a few seconds.

We can use the following HTML page with the simple UI to represent our robust and dignified web application. Be sure to paste the On Request URL from the Functions Dev Environment into your JavaScript (COPY URL button on the left).

<!DOCTYPE html>
  <title>Token Validator</title>
  <link rel="stylesheet" type="text/css" href="">
  <input id="text" type="text">
  <input id="submit" type="submit">
  <p id="serverResponse"></p>
<script src=""></script>
<script type="text/javascript">
var text = document.getElementById('text');
var submit = document.getElementById('submit');
var serverResponse = document.getElementById('serverResponse');
var onRequestUri = "__PubNub_Functions_URI__";
function reqListener () {
  serverResponse.innerHTML = this.status;
submit.addEventListener("click", function() {
  var req = new XMLHttpRequest();
  req.addEventListener("load", reqListener);"GET", onRequestUri + "?token=" + text.value);

Now we can confirm that our serverless app works. Input a correct or incorrect token into the textbox and hit submit. The response status code will be displayed below the textbox.

response status response status

This example does not provide any complex algorithms for verifying tokens however this can be done using the crypto module in Functions.

More from PubNub

How to Add a Notification Badge to Icons in React Native
Real-time Chat BlogDec 19, 20226 min read

How to Add a Notification Badge to Icons in React Native

Display real-time notification badges with PubNub and React Native to display important information and bring users back to your...

Michael Carroll

Michael Carroll

Digital Twins and the Future of Real-Time Data
InsightsDec 6, 20224 min read

Digital Twins and the Future of Real-Time Data

The concept of Digital Twins has evolved over the last two decades, however, one thing remains the same: the need for real-time...

Michael Carroll

Michael Carroll

How Many Text Characters Fit in a 32KB PubNub Message?
Real-time Chat BlogNov 24, 20224 min read

How Many Text Characters Fit in a 32KB PubNub Message?

Learn the ins-and-outs of PubNub message size and get a better idea of how many text characters fit in a single message.

Michael Carroll

Michael Carroll