Skip to main content
Deno 2 is finally here 🎉️
Learn more
Module

x/oauth4webapi/mod.ts>experimental_validateJwtAccessToken

OAuth 2 / OpenID Connect for JavaScript Runtimes
Go to Latest
function experimental_validateJwtAccessToken
import { experimental_validateJwtAccessToken } from "https://deno.land/x/oauth4webapi@v2.8.0/mod.ts";

This is an experimental feature, it is not subject to semantic versioning rules. Non-backward compatible changes or removal may occur in any future release.

Validates use of JSON Web Token (JWT) OAuth 2.0 Access Tokens for a given Request as per RFC 9068 and optionally also RFC 9449.

This does validate the presence and type of all required claims as well as the values of the JWTAccessTokenClaims.iss | iss, JWTAccessTokenClaims.exp | exp, JWTAccessTokenClaims.aud | aud claims.

This does NOT validate the JWTAccessTokenClaims.sub | sub, JWTAccessTokenClaims.jti | jti, and JWTAccessTokenClaims.client_id | client_id claims beyond just checking that they're present and that their type is a string. If you need to validate these values further you would do so after this function's execution.

This does NOT validate the DPoP Proof JWT nonce. If your server indicates RS-provided nonces to clients you would check these after this function's execution.

This does NOT validate authorization claims such as scope either, you would do so after this function's execution.

Parameters

Authorization Server to accept JWT Access Tokens from.

request: Request
expectedAudience: string

Audience identifier the resource server expects for itself.