• Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login
FusionAuth
  • Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login

Validation of signed JWTs in an offline manner

Scheduled Pinned Locked Moved
Q&A
jwt validation
1
2
2.5k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    dan
    last edited by 10 Nov 2020, 18:07

    I'm currently calling validateJWT() on every request from my microservices to validate the JWT. While I'm sure this may be a very lightweight request, but can FusionAuth provide advice or examples for, say, validating the token on some microservice without having to make requests to the auth server?

    pulled over from https://github.com/FusionAuth/fusionauth-typescript-client/issues/40

    --
    FusionAuth - Auth for devs, built by devs.
    https://fusionauth.io

    1 Reply Last reply Reply Quote 0
    • D
      dan
      last edited by 10 Nov 2020, 18:07

      If you want to skip calling FusionAuth for each of these validation events, you can validate the JWT on your end without a network call.

      If you configure a key pair (public + private) to sign your JWT, then the public key will be available in the JWKS. Many libraries exist that will validate JWTs using JWKS.

      https://fusionauth.io/docs/v1/tech/oauth/endpoints/#openid-configuration
      https://fusionauth.io/docs/v1/tech/oauth/endpoints/#json-web-key-set-jwks

      --
      FusionAuth - Auth for devs, built by devs.
      https://fusionauth.io

      1 Reply Last reply Reply Quote 0
      2 out of 2
      • First post
        2/2
        Last post