Skip to content
Auth0 verification plugin for Fastify
Branch: master
Clone or download
Latest commit 589db92 Nov 20, 2019


Package Version Dependency Status Build

Auth0 verification plugin for Fastify, internally uses fastify-jwt and jsonwebtoken.


Just run:

npm install fastify-auth0-verify --save


Register as a plugin, providing one or more of the following options:

  • domain: The Auth0 tenant domain. It enables verification of RS256 encoded JWT tokens. It is also used to verify the token issuer (iss). Either provide a domain or the full URL, including the trailing slash (
  • audience: The Auth0 audience (aud), usually the API name. If you provide the value true, the domain will be also used as audience.
  • secret: The Auth0 client secret. It enables verification of HS256 encoded JWT tokens.
  • complete: If to return also the header and signature of the verified token.
  • secretsTtl: How long (in milliseconds) to cache RS256 secrets before getting them again using well known JWKS URLS. Setting to 0 or less disables the cache.

Once registered, your fastify instance and request will be decorated as describe by fastify-jwt.

In addition, the request will also get jwtDecode and authenticate decorators.

The first one is similar to jwtVerify but it just performs the JWT token decoding.

The second one can be used as preValidation hook to add authenticate to your routes. The token information will be available in request.user.


const server = require('fastify')()


server.register(function(instance, _options, done) {
  instance.get('/verify', {
    handler: function(request, reply) {
    preValidation: instance.authenticate


server.listen(0, err => {
  if (err) {
    throw err




Copyright NearForm Ltd 2019. Licensed under the Apache-2.0 license.

You can’t perform that action at this time.