How to verify the jsonwebtoken?


I managed to get the access_token I need. Now I need to verify the access_token. As in: . But I can’t really figure out what I am supposed to do. I did install a node package. Which provides me with a verify method:

I can’t seem to figure out what arguments to put in. And the docs aren’t helping a Iot either. I assume the first argument is the access_token, is the second my client_secret? And the third, what setting should I pass?

Of course I can proceed without this verification-step, but I’d rather not.

I think you would need to reference this example:

// Verify using getKey callback
// Example uses as a way to fetch the keys.
var jwksClient = require(‘jwks-rsa’);
var client = jwksClient({
jwksUri: ‘
function getKey(header, callback){
client.getSigningKey(header.kid, function(err, key) {
var signingKey = key.publicKey || key.rsaPublicKey;
callback(null, signingKey);

jwt.verify(token, getKey, options, function(err, decoded) {
console.log( // bar

Where in our case the jwksUri would be as mentioned in step #1.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.