azure-ad-verify-token
v3.0.3
Published
Verify JWT issued by Azure Active Directory B2C.
Downloads
20,271
Maintainers
Readme
Azure AD Verify Token
Verify JWT issued by Azure Active Directory B2C.
Table of Contents
Features
- 🎉 Verify JWT issued by Azure Active Directory B2C.
- 🚀 Automatically use the rotated public keys from Azure.
- 💪 Written in TypeScript.
- ♻️ Configurable cache for public keys.
Installation
npm install azure-ad-verify-token --save
Usage
Verify
import { verify, VerifyOptions } from 'azure-ad-verify-token';
const options: VerifyOptions = {
jwksUri:
'https://contoso.b2clogin.com/contoso.onmicrosoft.com/discovery/v2.0/keys?p=b2c_1_signupsignin1',
issuer:
'https://contoso.b2clogin.com/3285c484-dce5-4abb-a341-bbe4f2bc8554/v2.0/',
audience: '99d1275c-e805-483f-b832-600f8130829c',
};
verify(token, options)
.then((decoded) => {
// verified and decoded token
console.log(decoded);
})
.catch((error) => {
// invalid token
console.error(error);
});
Verify options:
| Property | Type | Description |
| ---------- | -------- | ----------------------------------------------------------- |
| jwksUri
| string
| jwk_uri
value obtained from B2C policy metadata endpoint. |
| issuer
| string
| issuer
value obtained from B2C policy metadata endpoint. |
| audience
| string
| Application ID of the application accessing the tenant. |
Example metadata endpoints:
- https://login.microsoftonline.com/common/.well-known/openid-configuration
- https://login.microsoftonline.com/common/discovery/keys
Configuration
import { setConfig } from 'azure-ad-verify-token';
setConfig({
cacheLifetime: 12 * (60 * 60 * 1000), // 12 hours
});
Configuration options:
| Property | Type | Description | Default |
| --------------- | -------- | -------------------------------------------- | ------- |
| cacheLifetime
| number
| Number of milliseconds to cache public keys. | 1 hour |
References
- Overview of tokens in Azure Active Directory B2C
- Microsoft identity platform access tokens
- RSA Key Converter
Development
npm install
npm run build