Skip to main content

Verify JWTs

Method 1) Using JWKS endpoint#

a) Get JWKS endpoint#

Refer to this page to get the JWKS endpoint for your backend

b) Verify the JWT#

Some libraries let you provide a JWKS endpoint to verify a JWT. For example for NodeJS you can use jsonwebtoken and jwks-rsa together to achieve this.

var JsonWebToken = require('jsonwebtoken');var jwksClient = require('jwks-rsa');
var client = jwksClient({  jwksUri: '{apiDomain}/{apiBasePath}/jwt/jwks.json'});
function getKey(header, callback){  client.getSigningKey(header.kid, function(err, key) {    var signingKey = key.publicKey || key.rsaPublicKey;    callback(err, signingKey);  });}
JsonWebToken.verify(token, getKey, options, function(err, decoded) {    let decodedJWT = decoded;    // Use JWT});

For other languages, jwt.io recommends some libraries that you can use for JWT verification

Method 2) Using public key string#

a) Getting a certificate string#

Refer to this to know how to retrieve a key string to use

b) Verify the JWT#

Some libraries/services let you configure a secret that can be used for JWT verification. Using the same example as above you can use a key when using jsonwebtoken.

var JsonWebToken = require('jsonwebtoken');
// Truncated for displaylet certificate = "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhki...\n-----END PUBLIC KEY-----";JsonWebToken.verify(jwt, certificate, function(err, decoded) {    let decodedJWT = decoded;    // Use JWT});

For other languages, jwt.io recommends some libraries that you can use for JWT verification