jsonwebtoken

A TypeScript implementation of JSON Web Tokens for Node.js.

Installation

npm install jsonwebtoken

Documentation

📚 Complete documentation is available in the docs folder

API Reference

• sign() - Create JWTs
• verify() - Validate JWTs
• decode() - Decode without verification
• Synchronous API

Guides

• Installation & Setup
• Migration Guide v10
• Security & Algorithms

Quick Start

Asynchronous (Promise-based)

const jwt = require('jsonwebtoken');

// Sign a token
const token = await jwt.sign({ foo: 'bar' }, 'secret');

// Verify a token
const decoded = await jwt.verify(token, 'secret');
console.log(decoded.foo) // 'bar'

Synchronous

const jwt = require('jsonwebtoken');

// Sign a token
const token = jwt.signSync({ foo: 'bar' }, 'secret');

// Verify a token
const decoded = jwt.verifySync(token, 'secret');
console.log(decoded.foo) // 'bar'

Callback-based

const jwt = require('jsonwebtoken');

// Sign a token
jwt.sign({ foo: 'bar' }, 'secret', (err, token) => {
  if (err) throw err;
  
  // Verify the token
  jwt.verify(token, 'secret', (err, decoded) => {
    if (err) throw err;
    console.log(decoded.foo) // 'bar'
  });
});

Requirements

• Node.js >= 20
• npm >= 10

License

This project is licensed under the MIT license. See the LICENSE file for more info.

Author

Auth0

Issue Reporting

If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.