xdmp:jwt-validate
xdmp:jwt-validate( $JWT as xs:string, $alg as xs:string, $secret as xs:string ) as xs:boolean
Summary
Validates the signature of a JWT. Note that if the token has an invalid signature or format, this function will return false without any additional logging. Please make sure that the inputted JWT is properly formatted.
| Parameters | |
|---|---|
| JWT | JWT that is to be validated. |
| alg | Signature algorithm used for the JWT. |
| secret | Secret used to decrypt JWT signature. The secret must be base64url or hex-encoded. |
Example
xquery version "1.0-ml";
xdmp:jwt-validate("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.5mhBHqs5_DTLdINd9p5m7ZJ6XD0Xc55kIaCRY5r6HRA",
"HS256",
"74657374")
=> true