verifyToken()function
verifyToken(token: string, secret: PossibleBytes, caller: AnyCaller = verifyToken): Promise<Data>
| Param | Type | |
|---|---|---|
token | string | The JWT string to verify. required |
secret | PossibleBytes | The secret key to verify the JWT signature with (minimum 64 bytes / 512 bits). required |
caller | AnyCaller | Identity of the calling function for error attribution. Defaults to verifyToken |
| Return | |
|---|---|
Promise<Data> | A promise resolving to the decoded payload claims. |
| Throws | |
|---|---|
unknown | ValueError If the secret is not a byte sequence of at least 64 bytes. |
unknown | UnauthorizedError If the token is malformed, the signature is incorrect, or the token is expired or not yet valid. |
Decode a JWT, verify it, and return the full payload data.
- Currently only supports HMAC SHA-512 signing.
- Allows a small amount of clock skew when checking
nbfandexp.
Examples
const { sub } = await verifyToken(token, secret)