How to validate the jwt on server?

Hi @ywj79310,

Welcome to the Auth0 Community!

For an RS256 signed token, you will need the token’s Public Key. You can manually add the key to that library, or fetch the JWKS programatically. There are examples of both in the README for that library: GitHub - auth0/node-jsonwebtoken: JsonWebToken implementation for node.js

If you are using Auth0, you can find the key following this resource: