JWT

Overview

This node works with JSON Web Tokens (JWT). It supports three operations: signing a payload to create a JWT, verifying the authenticity and validity of a JWT, and decoding a JWT to extract its contents without verification.

Common scenarios where this node is useful include:

  • Creating signed tokens for authentication or session management.
  • Validating incoming JWTs to ensure they are authentic and not expired.
  • Extracting claims from JWTs for authorization decisions or data retrieval.

Practical examples:

  • Signing user information into a JWT after login to be used as an access token.
  • Verifying a JWT received in an API request header to authenticate the user.
  • Decoding a JWT to read embedded claims such as user roles or permissions.

Properties

| Name | Meaning |
| --- | --- |
| Token | The JWT string to decode or verify. |
| Return Complete Token | If true, returns the entire token object including header and signature; otherwise returns only the payload. |

Output

The output is a JSON object representing the result of the chosen operation:

  • Decode: Outputs the decoded JWT content without verification, so the returned claims are unverified. If "Return Complete Token" is false, it returns the payload claims only. If true, it returns the full token structure including header, payload, and signature.
  • Verify: Validates the signature and claims such as expiration, then outputs the token content in the same form as Decode. If "Return Complete Token" is true, the full token details are returned.
  • Sign: Outputs a JSON object containing the newly created JWT string under the token field.

No binary data output is produced by this node.

Dependencies

  • Requires an API key credential that provides a secret or key material for signing/verifying tokens.
  • Uses the external library jsonwebtoken for JWT operations.
  • May require configuration of the key type (public/private/passphrase) depending on the signing algorithm.

Troubleshooting

  • Invalid Signature Error: Occurs if the token signature does not match the expected signature using the provided key. Ensure the correct secret/key is configured.
  • Token Expired Error: Occurs when verifying a token whose expiration time has passed, unless "Ignore Expiration" is enabled.
  • Malformed Token Error: Occurs when the input token string is not in valid JWT format. Verify the token source.
  • Missing Credentials: The node requires a valid secret or key credential to sign or verify tokens. Make sure credentials are properly set up.
  • Algorithm Mismatch: Using an algorithm different from the one used to sign the token causes verification to fail. Confirm that the configured algorithm matches the one used to sign the token.

To resolve errors, check the token input, credentials, and parameter configurations carefully.
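
The difference between Decode and Verify described under Output, and the signature, expiration, malformed-token and algorithm errors listed under Troubleshooting, shown as an added example. It is not this node's code and does not call jsonwebtoken: it is a minimal HS256 implementation on Node's built-in crypto module, and the function names, secret and sample tokens are constructed for illustration.

```javascript
// Added example: minimal HS256 on Node's built-in crypto; this is not the jsonwebtoken library.
const crypto = require('node:crypto');

const b64url = (buf) => Buffer.from(buf).toString('base64url');
const hmac = (secret, data) => crypto.createHmac('sha256', secret).update(data).digest();

function sign(payload, secret) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  return `${head}.${body}.${b64url(hmac(secret, `${head}.${body}`))}`;
}

// Decode: parses the segments only. Nothing here proves who wrote the claims.
function decode(token, complete = false) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [header, payload] = parts.slice(0, 2).map((p) => JSON.parse(Buffer.from(p, 'base64url').toString()));
  return complete ? { header, payload, signature: parts[2] } : payload;
}

// Verify: pin the algorithm, compare the signature in constant time, then check exp.
function verify(token, secret, { ignoreExpiration = false, now = Math.floor(Date.now() / 1000) } = {}) {
  const { header, payload } = decode(token, true);
  if (header.alg !== 'HS256') throw new Error('algorithm mismatch');
  const [head, body, sig] = token.split('.');
  const expected = hmac(secret, `${head}.${body}`);
  const given = Buffer.from(sig, 'base64url');
  const match = given.length === expected.length && crypto.timingSafeEqual(given, expected);
  if (!match) throw new Error('invalid signature');
  if (!ignoreExpiration && typeof payload.exp === 'number' && now >= payload.exp) throw new Error('token expired');
  return payload;
}

// Constructed sample: a valid token, then the same token with its payload swapped.
const SECRET = 'constructed-demo-secret';
const good = sign({ sub: 'alice', role: 'user', exp: 2000000000 }, SECRET);
const [h, , s] = good.split('.');
const tampered = `${h}.${b64url(JSON.stringify({ sub: 'alice', role: 'admin', exp: 2000000000 }))}.${s}`;

// Returns the verified role, or the error message when verification fails.
function outcome(token, opts) {
  try { return verify(token, SECRET, opts).role; } catch (e) { return e.message; }
}
```

`decode(tampered)` returns the altered role without complaint, while `outcome(tampered)` reports the signature failure, which is why authorization decisions belong after Verify rather than Decode.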
