Demonstrates verifying OAuth 2 JSON web tokens using HAProxy
Type Name Latest commit message Commit time
haproxy Updated to use newer script from JWT repo. Jan 14, 2019

HAProxy - JWT

Demonstrates verifying OAuth 2 JSON web tokens in HAProxy using Lua code. See the JWT Lua library here.

Set up:

  1. Sign up for a free account at and create a new API.
  2. Under the Scopes tab for the API, add a "read:hamsters" scope and a "write:hamsters" scope.
  3. Add a new "Machine to Machine Application" on the Auth0 site and select the API you created. Grant the "read" and "write" scopes.
  4. Replace the pem/pubkey.pem with the public key from your application's Settings tab: Applications > My App > Settings > Show Advanced Settings > Certificates > Download Certificate. (Be sure to convert it first using openssl x509 -pubkey -noout -in ./mycert.pem > pubkey.pem)
  5. Edit haproxy/haproxy.cfg, replacing the Auth0 URL with your own, such as
  6. Create the environment with Vagrant:
    vagrant up
  7. Get a JSON web token (JWT) from your authentication server by following the Quick Start on the Auth0 website, under the Applications tab, for your Machine to Machine application.
  8. Make requests to and attach the JWT in the Authorization header. You should get a successful response.
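An added example (not part of this repository): a shell function that checks a token's signature offline against the pubkey.pem produced in step 4, which confirms the key conversion independently of HAProxy. It assumes the token is signed with RS256 and that openssl and base64 are on the PATH; the function names are hypothetical.

```shell
# Decode base64url from stdin (JWT segments use '-' and '_' and drop '=' padding).
b64url_decode() {
    local s
    s=$(tr -d '\n' | tr '_-' '/+')
    case $(( ${#s} % 4 )) in
        2) s="$s==" ;;
        3) s="$s=" ;;
        1) return 1 ;;   # impossible length for base64url
    esac
    printf '%s' "$s" | base64 -d
}

# verify_jwt_rs256 TOKEN PUBKEY_PEM
# Returns 0 only if the signature matches; 2 = malformed token,
# 3 = header does not declare RS256, 4 = no temp file, 1 = bad signature.
verify_jwt_rs256() {
    local token="$1" pubkey="$2" header payload sig rest tmp rc
    # Exactly three dot-separated, non-empty segments are required.
    IFS=. read -r header payload sig rest <<EOF
$token
EOF
    [ -n "$header" ] && [ -n "$payload" ] && [ -n "$sig" ] && [ -z "$rest" ] || return 2
    # Refuse any token that does not declare RS256 (for example "none" or HS256).
    printf '%s' "$header" | b64url_decode |
        grep -Eq '"alg"[[:space:]]*:[[:space:]]*"RS256"' || return 3
    tmp=$(mktemp) || return 4
    printf '%s' "$sig" | b64url_decode > "$tmp" || { rm -f "$tmp"; return 2; }
    # The signed input is the raw "header.payload" text, not the decoded JSON.
    if printf '%s.%s' "$header" "$payload" |
        openssl dgst -sha256 -verify "$pubkey" -signature "$tmp" >/dev/null 2>&1
    then rc=0; else rc=1; fi
    rm -f "$tmp"
    return $rc
}
```

Call it as verify_jwt_rs256 "$TOKEN" pem/pubkey.pem and inspect the exit status. It checks the signature and declared algorithm only, not claims such as expiry or scopes.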


Check that the haproxy service is running:

sudo systemctl status haproxy

You can check if the haproxy.cfg file is valid with this command:

sudo haproxy -c -f /etc/haproxy/haproxy.cfg

Debug the incoming requests with:

sudo haproxy -d -f /etc/haproxy/haproxy.cfg

SSH into the VM with vagrant ssh and make sure the Node.js website is running:

cd /vagrant/web
docker-compose build
sudo docker-compose up -d