Okta JWT Access Token verifier for Python using cached JWKs.
Link to PyPi - click here
pip install okta_jwt
To generate a token, you need to pass in issuer, client_id, client_secret, username and password as parameters
>>> from okta_jwt.jwt import generate_token
>>> generate_token(issuer, client_id, client_secret, username, password)
This generates and returns Okta Access Token.
To Validate the Access Token, you need to pass in the access_token, issuer, audience and client_ids as parameters. You can pass in multiple Client IDs
>>> from okta_jwt.jwt import validate_token
>>> validate_token(access_token, issuer, audience, client_ids)
If the token is valid then it will return the payload.
To run the unit tests, run
$ python -m unittest
The unit tests pretty much covers all the main functionality of the package, like generating the token, Validating the token and Verifying Claims.
Bug reports and Pull Requests(PR's) are welcome on GitHub at https://github.com/adithyasampatoor/okta_jwt. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the Contributor Covenant code of conduct.
The Library is available as open source under the terms of the MIT License
FAQs
Okta JWT Access Token verifier
We found that okta-jwt demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.