Skip to content

richardjkendall/validate-jwt-api

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
error_handler.py
error_handler.py
 
 
install.sh
install.sh
 
 
main.py
main.py
 
 
requirements.txt
requirements.txt
 
 
setup.cfg
setup.cfg
 
 

Repository files navigation

JWT Validation API

This is a lightweight API which can validate that a given JWT:

  • has not expired
  • has a valid signature
  • is for the intended audience

You need to POST a JSON object to the API with the following structure:

{
  "jwt": "<the JWT to be validated>",
  "keys": "<array of JWK>",
  "aud": "<expected audience>"
}

Responses

Valid

You'll get a 200 OK with the JSON encoded payload of the token

Request not understood

You'll get a 400 Bad Request with an explanation of what was wrong with the request

Invalid

You'll get a 401 Unathorized.

All else

You'll get a 502 or 500 Server Error.

About

API to validate a JWT

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages