Verify JWT Locally

Verify a session JWT locally

Verify a session JWT locally using the ES256 algorithm and a public key.

Verification Process

To verify a JWT locally, you'll need:

The JWT token to verify
The public key in PEM format (base64 encoded)

Parameters

{
  token: string,      // The JWT to verify
  publicKey: string   // Base64 encoded public key (must be decoded to UTF-8 before use)
}

Example Usage

try {
    const decodedToken = jwt.verify(token, Buffer.from(base64PublicKey, 'base64').toString('utf-8'), { algorithms: ['ES256'] });
    // JWT is valid, decodedToken contains the payload
} catch (error) {
    // JWT verification failed
    console.error(error.message);
}

Error Cases

Verification will throw an error if:

The JWT format is invalid
The signature is invalid
The token has expired (due to logout for example)
The algorithm doesn't match (must be ES256)

PreviousGet Session JWT Public Key NextActivity Logs

Last updated 6 months ago