Verify JWT Locally
Verify a session JWT locally
Verification Process
To verify a JWT locally, you'll need:
The JWT token to verify
The public key in PEM format (base64 encoded)
Parameters
{
token: string, // The JWT to verify
publicKey: string // Base64 encoded public key (must be decoded to UTF-8 before use)
}
Example Usage
try {
const decodedToken = jwt.verify(token, Buffer.from(base64PublicKey, 'base64').toString('utf-8'), { algorithms: ['ES256'] });
// JWT is valid, decodedToken contains the payload
} catch (error) {
// JWT verification failed
console.error(error.message);
}
Error Cases
Verification will throw an error if:
The JWT format is invalid
The signature is invalid
The token has expired (due to logout for example)
The algorithm doesn't match (must be ES256)
Last updated