Skip to main content
Version: 8.2.X

Reading the JWT Payload

The getJWTPayloadSecurely function#

import SuperTokens from 'supertokens-website';

let payload = await SuperTokens.getJWTPayloadSecurely();

Returns a Promise<JSON object> or throws an error in case reading failed.

  • This does not read from the access token, since that is in httpOnly cookie. Instead, it reads from another token that contains a copy of the payload in the access token.
  • This is not a security issue since the access token payload by itself is not enough to grant access to an API.
Which UI do you use?
Custom UI
Pre built UI