Which sectet do I need to verify the jwt in NodeJS?

mikamanelka · February 2, 2023, 11:08am

I want to use a middleware like that:

const verifyToken = (req, res, next) => { const token = req.headers.authorization.split(" ")[1]; const verifiedToken = jwt.verify( token, "which secret to use here?" ); next(); };

I tried every Client Secret I could find in my Auth0 account, but none worked.
Can you tell me which secret to use here?

ty.frith · February 4, 2023, 12:30am

Hi there @mikamanelka welcome to the community!

Auth0 exposes a JWKS endpoint for each tenant, which is found at https://YOUR_DOMAIN/.well-known/jwks.json . This endpoint will contain the JWK used to verify all Auth0-issued JWTs for this tenant.

See secretOrPublicKey here:

Hope this helps!

Topic		Replies	Views
How can I get this JWT Secret Key JWT.io jwt , login , access-token , private-key	2	9425	January 11, 2024
Confusion about the JWKS Get Help	6	2787	February 24, 2022
How to validate the jwt on server? Get Help login-experience , new-universal-login-experience	2	3468	August 18, 2023
Auth0 token - Node Jsonwebtoken - Cloudflare Workers Get Help	4	2561	December 22, 2022
Why does jwt.verify() give "invalid signature"? JWT.io	13	95709	January 22, 2019

Which sectet do I need to verify the jwt in NodeJS?

Related topics