Support from the community to continue maintaining and improving this module is welcome. If you find the module useful, please consider supporting the project by becoming a sponsor.
▸ jwtDecrypt(jwt, key, options?): Promise<JWTDecryptResult>
Verifies the JWT format (to be a JWE Compact format), decrypts the ciphertext, validates the JWT Claims Set.
| Name | Type | Description |
|---|---|---|
jwt |
string | Uint8Array |
JSON Web Token value (encoded as JWE). |
key |
Uint8Array | KeyLike |
Private Key or Secret to decrypt and verify the JWT with. See Algorithm Key Requirements. |
options? |
JWTDecryptOptions |
JWT Decryption and JWT Claims Set validation options. |
Example
const secret = jose.base64url.decode('zH4NRP1HMALxxCFnRZABFA7GOJtzU_gIj02alfL1lvI')
const jwt =
'eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..MB66qstZBPxAXKdsjet_lA.WHbtJTl4taHp7otOHLq3hBvv0yNPsPEKHYInmCPdDDeyV1kU-f-tGEiU4FxlSqkqAT2hVs8_wMNiQFAzPU1PUgIqWCPsBrPP3TtxYsrtwagpn4SvCsUsx0Mhw9ZhliAO8CLmCBQkqr_T9AcYsz5uZw.7nX9m7BGUu_u1p1qFHzyIg'
const { payload, protectedHeader } = await jose.jwtDecrypt(jwt, secret, {
issuer: 'urn:example:issuer',
audience: 'urn:example:audience',
})
console.log(protectedHeader)
console.log(payload)▸ jwtDecrypt<T>(jwt, getKey, options?): Promise<JWTDecryptResult & ResolvedKey<T>>
| Name | Type |
|---|---|
T |
extends KeyLike = KeyLike |
| Name | Type | Description |
|---|---|---|
jwt |
string | Uint8Array |
JSON Web Token value (encoded as JWE). |
getKey |
JWTDecryptGetKey |
Function resolving Private Key or Secret to decrypt and verify the JWT with. See Algorithm Key Requirements. |
options? |
JWTDecryptOptions |
JWT Decryption and JWT Claims Set validation options. |