Skip to main content

Verify a JSON Web Token


You want to verify a JSON web token.


Drag and drop an Http in node to create an endpoint to receive the http requests. Use a JWT node and configure the settings, select "Verify" from the dropdown. As soon as you click done, you'll see two outputs from the JWT node. First one is for the Good case [JWT is valid] while the second one is for the Bad case [JWT is corrupt or expired]. Implement your business logic accordingly and send the response back to the client. For this example, we are just going to tell the user if the JWT is valid or not. Use an Http response node to send the response back to the client.

Configure Setting#

click "Done". Then click "Deploy".



[{"id":"4a604514.9dfafc","type":"http in","z":"99f38f53.62683","name":"","url":"/jwt/verify","method":"post","upload":false,"swaggerDoc":"","x":120,"y":180,"wires":[["d012a70d.23de28"]]},{"id":"d012a70d.23de28","type":"jwt","z":"99f38f53.62683","name":"","jwtconfig":"","generatejwt":false,"outputs":2,"x":290,"y":180,"wires":[["ce2c2aa8.eedf48"],["84ad82d.e06a68"]]},{"id":"ce2c2aa8.eedf48","type":"function","z":"99f38f53.62683","name":"jwt is Intact","func":"msg.statusCode =200;\nmsg.payload = {\n    message : \"Jwt is verified\"\n}\nreturn msg;","outputs":1,"noerr":0,"x":510,"y":160,"wires":[["13cac157.1eb0df"]]},{"id":"84ad82d.e06a68","type":"function","z":"99f38f53.62683","name":"Jwt is corrupt","func":"msg.statusCode =401;\nmsg.payload = {\n    message : \"There's an issue with jwt\"\n}\nreturn msg;","outputs":1,"noerr":0,"x":510,"y":200,"wires":[["13cac157.1eb0df"]]},{"id":"13cac157.1eb0df","type":"http response","z":"99f38f53.62683","name":"","statusCode":"","headers":{"content-type":"application/json"},"x":690,"y":180,"wires":[]}]

How to Test From Postman#

Open postman, provide API end point, for Post method

select "Bearer Token" under "Authorization" tab, provide the access token that you received from Get Access Token


Click on button “Send” and you will get message as “Jwt is verified”



This flow verifies the Authorization header of an incoming request against the one defined within the basic-auth settings.

The JWT node simplifies the authorization process so that our users can focus more on the business logic.