jwt-auth

JWT authentication nodes for n8n workflows - verify signatures and validate claims

Package Information

Released: 8/18/2025
Downloads: 2 weeklyĀ /Ā 13 monthly
Latest Version: 0.2.0
Author: Aliou Diallo

Available Nodes

JWT Auth icon
JWT Auth
No description available
JWT Auth Verify icon
JWT Auth Verify
No description available
JWT Auth Validate icon
JWT Auth Validate
No description available

Documentation

n8n JWT Authentication Nodes

Comprehensive JWT (JSON Web Token) nodes for n8n workflows. Sign, decode, verify, and validate JWT tokens with support for JWKS (JSON Web Key Set) endpoints.

n8n
License
Version

Features

  • šŸ” Complete JWT Operations: Sign, Decode, Verify, and Validate tokens
  • šŸ”‘ JWKS Support: Automatic key fetching from JWKS endpoints
  • āœ… Comprehensive Validation: Claims, expiration, audience, issuer checks
  • šŸŽÆ Dual Outputs: Separate success/error paths for better workflow control
  • šŸ”§ Flexible Configuration: Multiple token sources and extraction methods
  • šŸ›”ļø Security First: Clear separation between verification and validation

Installation

In n8n

  1. Go to Settings > Community Nodes
  2. Search for @general-dexterity/n8n-nodes-jwt-auth
  3. Click Install

Manual Installation

npm install -g @general-dexterity/n8n-nodes-jwt-auth

Docker

Add to your docker-compose.yml:

services:
  n8n:
    image: n8nio/n8n
    environment:
      - N8N_CUSTOM_EXTENSIONS=/home/node/.n8n/custom
    volumes:
      - ./n8n-nodes-jwt-auth:/home/node/.n8n/custom/node_modules/@general-dexterity/n8n-nodes-jwt-auth

Nodes Included

šŸ” JWT Auth

All-in-one node for JWT operations:

  • Sign: Create and sign new tokens
  • Decode: Parse tokens without verification
  • Verify: Verify signature using JWKS
  • Validate: Check structure and claims

šŸ“– Full Documentation

āœ… JWT Auth Verify

Dedicated node for JWT signature verification using JWKS endpoints.

šŸ“– Full Documentation

šŸ” JWT Auth Validate

Validate JWT structure and claims without signature verification.

šŸ“– Full Documentation

Credentials

šŸ”‘ JWT Auth JWKS

Configure JWKS endpoints for token verification.

šŸ“– Full Documentation

šŸ—ļø JWT Auth Key

Store signing keys for creating JWT tokens.

šŸ“– Full Documentation

Quick Start

Verify Incoming JWT Tokens

  1. Add Webhook Trigger
  2. Add JWT Auth node
    • Operation: Verify
    • Token Source: Authorization Header
  3. Configure JWKS credential
    • JWKS URL: https://your-provider/.well-known/jwks.json
    • Expected Issuer: https://your-provider
    • Expected Audience: your-api
  4. Handle outputs
    • Success ā†’ Continue processing
    • Error ā†’ Return 401 Unauthorized

Create Signed Tokens

  1. Add JWT Auth node
    • Operation: Sign
  2. Configure JWT Auth Key credential
    • Key Type: PEM Key or Passphrase
    • Algorithm: RS256 or HS256
  3. Set payload
    • Use JSON or individual claims
    • Set expiration time
  4. Use generated token in HTTP requests

Common JWKS Endpoints

Provider JWKS URL Format
Auth0 https://{domain}.auth0.com/.well-known/jwks.json
Okta https://{domain}.okta.com/oauth2/default/v1/keys
AWS Cognito https://cognito-idp.{region}.amazonaws.com/{poolId}/.well-known/jwks.json
Azure AD https://login.microsoftonline.com/{tenant}/discovery/v2.0/keys
Google https://www.googleapis.com/oauth2/v3/certs

Token Extraction Methods

Authorization Header

Authorization: Bearer eyJhbGciOiJSUzI1NiIs...

JSON Field

{
  "token": "eyJhbGciOiJSUzI1NiIs...",
  "data": "..."
}

Supports dot notation: body.token, data.auth.jwt

Raw String

Direct token input for testing or when already extracted.

Workflow Examples

API Authentication Flow

Webhook ā†’ JWT Auth (Verify) ā†’ Process Request
                ā†“ (Error)
         Return 401 Response

Token Generation for External API

Trigger ā†’ Get User Data ā†’ JWT Auth (Sign) ā†’ HTTP Request with Token

Token Inspection

Webhook ā†’ JWT Auth (Decode) ā†’ Analyze Claims ā†’ Route Based on Role

Testing

A complete Docker-based testing environment is provided:

cd tests
docker-compose up -d

This includes:

  • n8n instance with the JWT nodes
  • Mock JWKS server for testing
  • Example workflows
  • Token generation scripts

šŸ“– Testing Documentation

Security Considerations

  • āš ļø Never use Decode for authentication - it doesn't verify signatures
  • āš ļø Validate doesn't check signatures - use only when appropriate
  • āœ… Always use Verify for production authentication
  • šŸ”’ Keep signing keys secure in n8n credentials
  • šŸ”„ Regularly rotate signing keys
  • šŸ” Use HTTPS for all JWKS endpoints

Development

Building from Source

# Install dependencies
pnpm install

# Build the nodes
pnpm build

# Run tests
pnpm test

Project Structure

ā”œā”€ā”€ credentials/       # Credential types
ā”œā”€ā”€ nodes/            # Node implementations
ā”œā”€ā”€ docs/             # Documentation
ā”œā”€ā”€ tests/            # Test environment
ā””ā”€ā”€ assets/           # Icons and images

Support

Contributing

Contributions are welcome! Please read our Contributing Guide for details.

License

MIT - see LICENSE file for details.

Acknowledgments

  • Built for n8n workflow automation platform
  • Uses jose for JWT operations
  • Icons from Phosphor

Discussion