Jwt verification error

How to verify the jwt token

//my code
jwt.verify(token, 'shhhhh', {algorithm:"RS256"} , function(err, decoded) {
    console.log(decoded) // bar
JsonWebTokenError: invalid algorithm

When you paste the token in jwt.io, does it show RS256 as sign algorithm?

And which key (second parameter) are you using / where are you getting it from, just to confirm it’s the right one. If using RS256, the signed asymmetrically using a key, not a secret (as with symmetric signing). The key is at https://YOUR_TENANT.auth0.com/.well-known/jwks.json

Yes in jwt.io it is showing alg as RS256 , same thing i gave for verification still i am not getting the result, the url for the key is not working

the url for the key is not working

You need to fetch the key from there and use it in the verify method, not just put the URL as parameter. Check the example on GitHub - auth0/node-jsonwebtoken: JsonWebToken implementation for node.js http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html

// Verify using getKey callback
// Example uses https://github.com/auth0/node-jwks-rsa as a way to fetch the keys.
var jwksClient = require('jwks-rsa');
var client = jwksClient({
  jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json'
function getKey(header, callback){
  client.getSigningKey(header.kid, function(err, key) {
    var signingKey = key.publicKey || key.rsaPublicKey;
    callback(null, signingKey);

jwt.verify(token, getKey, options, function(err, decoded) {
  console.log(decoded.foo) // bar

Related thread / question: