JWTValidate

Verifies a JWS signature and claims, returning true or false instead of throwing. Useful for simple conditional checks where you don't need the exception detail.

Method Signature

JWTValidate( token, [key], [algorithm], [options] )

Arguments

Argument

Type

Required

Description

Default

token

string

Yes

Compact JWS token string.

key

any

Verification key. Optional when defaultVerifyKey is configured.

null

algorithm

string

Expected algorithm.

null

options

struct

claims (expected claim values), clockSkew (seconds tolerance for exp/nbf).

{}

Returns

boolean — true if the signature is valid and all claim constraints pass, false otherwise.

Examples

if ( jwtValidate( token, secret, "HS256" ) ) {
    payload = jwtVerify( token, secret, "HS256" );
    // proceed with authenticated request
} else {
    // redirect to login / return 401
}

JWTVerify() — throwing counterpart that returns the claims struct
JWTDecode() — inspect a token without verifying
Security Best Practices

PreviousJWTVerify NextJWTDecode

Last updated 21 days ago

Was this helpful?

Good evening

Method Signature

Arguments

Returns

Examples

Related