Appearance
How to validate the access token rsa 256
Call API to get the login key (Refer to this link)
* Api:
Name: getJWKS
Path: /auth/.well-known/jwks.json
Method: GET
Example:
- Client Credentials
var jwksClient = require('jwks-rsa');
var client = jwksClient({
jwksUri: 'https://api.stg.token.tci-pf.net/auth/.well-known/jwks.json'
});
function getKey(header, callback){
client.getSigningKey(header.kid, function(err, key) {
var signingKey = key.publicKey || key.rsaPublicKey;
callback(null, signingKey);
});
}
jwt.verify(token, getKey, options, function(err, decoded) {
console.log(decoded)
});
Decoded token
{
"iat":1662429262,
"iss":"atm",
"exp":1662429442,
"aud":"T_1kwjq0gTKGW6-g4O8OF"
}
- Authorization and Authorization PKCE flow
var jwksClient = require('jwks-rsa');
var client = jwksClient({
jwksUri: 'https://api.stg.token.tci-pf.net/auth/.well-known/jwks.json'
});
function getKey(header, callback){
client.getSigningKey(header.kid, function(err, key) {
var signingKey = key.publicKey || key.rsaPublicKey;
callback(null, signingKey);
});
}
jwt.verify(token, getKey, options, function(err, decoded) {
console.log(decoded)
});
Decoded token
{
"iat": 1662607837,
"iss": "atm",
"exp": 1662608437,
"aud": "dIwGvPwelNS3Je6AzH41t",
"scope": {
"email": "hao.appuser@yopmail.com",
"id": "a34fZ4NmtQdXuk1k9_2Vt",
"firstName": "Hao app user",
"lastName": ""
}
}