Validate JWT token without Frontegg middleware
If you prefer not to use any of the Frontegg middlewares, you can easily validate your JWT token using the public key available from the Frontegg portal.
Step-by-step guide
Follow the steps below to verify a JWT using the public key from the JWT signature settings:
Step 1: Get public key
- Go to [ENVIRONMENT] ➜ Configurations ➜ Security ➜ JWT.
- In the JWT signature tab, copy the public key.
For reference, here are links to the development and production JWT settings:
Step 2: Validate token
Once you have the public key, you can verify the token. Use the following code sample to validate the JWT and retrieve the user's information:
```javascript
const jwt = require('jsonwebtoken');
const cert = 'PUBLIC_KEY_FROM_FRONTEGG_PORTAL'; // public key copied in Step 1

// `token` is the JWT received with the request
jwt.verify(token, cert, function (err, user) {
  if (err) {
    console.error(err.message); // verification failed: do not trust the token
    return;
  }
  console.log(user); // user info from the token
});
```
After the token is validated, you get a user object containing information about the user.