Skip to content

VegarRingdalAibel/azure-ad-verify-token

 
 

Repository files navigation

NPM Version CI Codecov

Azure AD Verify Token

Verify JWT issued by Azure Active Directory B2C.

Table of Contents

Features

  • 🎉 Verify JWT issued by Azure Active Directory B2C.
  • 🚀 Automatically use the rotated public keys from Azure.
  • 💪 Written in TypeScript.
  • ♻️ Configurable cache for public keys.

Installation

npm install azure-ad-verify-token --save

Usage

Verify

import { verify, VerifyOptions } from 'azure-ad-verify-token';

const options: VerifyOptions = {
  jwksUri:
    'https://contoso.b2clogin.com/contoso.onmicrosoft.com/discovery/v2.0/keys?p=b2c_1_signupsignin1',
  issuer:
    'https://contoso.b2clogin.com/3285c484-dce5-4abb-a341-bbe4f2bc8554/v2.0/',
  audience: '99d1275c-e805-483f-b832-600f8130829c',
};

verify(token, options)
  .then((decoded) => {
    // verified and decoded token
    console.log(decoded);
  })
  .catch((error) => {
    // invalid token
    console.error(error);
  });

Verify options:

Property Type Description
jwksUri string jwk_uri value obtained from B2C policy metadata endpoint.
issuer string issuer value obtained from B2C policy metadata endpoint.
audience string Application ID of the application accessing the tenant.

Example metadata endpoints:

Configuration

import { setConfig } from 'azure-ad-verify-token';

setConfig({
  cacheLifetime: 12 * (60 * 60 * 1000), // 12 hours
});

Configuration options:

Property Type Description Default
cacheLifetime number Number of milliseconds to cache public keys. 1 hour

References

Development

npm install
npm run build

About

Verify JWT issued by Azure Active Directory B2C.

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

No packages published

Languages

  • TypeScript 95.5%
  • JavaScript 4.5%