jwt-validate
Advanced tools
Validate JWT tokens in Node.js.
npm install jwt-validate
import { TokenValidator, getEntraJwksUri } from 'jwt-validate';
// gets the JWKS URL for the Microsoft Entra common tenant
const entraJwksUri = await getEntraJwksUri();
// create a new token validator with the JWKS URL
const validator = new TokenValidator({
jwksUri: entraJwksUri
});
try {
// define validation options
const options = {
// allowed audience
audience: '00000000-0000-0000-0000-000000000000',
// allowed issuer
issuer: 'https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/v2.0'
};
// validate the token
const validToken = await validator.validateToken(token, options);
// Token is valid
}
catch (ex) {
// Token is invalid
console.error(ex);
}
Validate that the token is an application token by checking the idtyp claim. Requires the idtyp claim to be present in the token.
import { TokenValidator, getEntraJwksUri } from 'jwt-validate';
// gets the JWKS URL for the Microsoft Entra common tenant
const entraJwksUri = await getEntraJwksUri();
// create a new token validator with the JWKS URL
const validator = new TokenValidator({
jwksUri: entraJwksUri
});
try {
// define validation options
const options = {
idtyp: 'app'
};
// validate the token
const validToken = await validator.validateToken(token, options);
// Token is valid
}
catch (ex) {
// Token is invalid
console.error(ex);
}
import { TokenValidator, getEntraJwksUri } from 'jwt-validate';
// gets the JWKS URL for the Microsoft Entra common tenant
const entraJwksUri = await getEntraJwksUri();
// create a new token validator with the JWKS URL
const validator = new TokenValidator({
jwksUri: entraJwksUri
});
try {
// define validation options
const options = {
ver: '2.0'
};
// validate the token
const validToken = await validator.validateToken(token, options);
// Token is valid
}
catch (ex) {
// Token is invalid
console.error(ex);
}
TokenValidatorResponsible for validating JWT tokens using JWKS (JSON Web Key Set).
constructor(options)
options: Object - Configuration options for the TokenValidator.
cache: boolean (optional, default=true) - Whether to cache the JWKS keys.cacheMaxAge: number (optional, default=86400000) - The maximum age of the cache in milliseconds (default is 24 hours).jwksUri: string - The URI to fetch the JWKS keys from.Error - If the options parameter is not provided.async validateToken(token, options)
token: string - The JWT token to validate.options Object (optional): Validation options. VerifyOptions from the jsonwebtoken library with additional properties.
idtyp string (optional): The idtyp claim to be validated against.ver: string (optional) - The version claim to be validated against.Promise<JwtPayload | string> - The decoded and verified JWT token.Error - If the token is invalid or the validation fails.clearCache()
deleteKey(kid)
kid string - The key ID to delete from the cache.getEntraJwksUriPromise<string> - The JWKS URI.This project is licensed under the MIT License.
FAQs
Validate JWT tokens in Node.js.
We found that jwt-validate demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
Research
/Security News
Malicious update to @ctrl/tinycolor on npm is part of a supply-chain attack hitting 40+ packages across maintainers