Support from the community to continue maintaining and improving this module is welcome. If you find the module useful, please consider supporting the project by becoming a sponsor.
JWT Claims Set verification options.
• optional audience: string | string[]
Expected JWT "aud" (Audience) Claim value(s).
This option makes the JWT "aud" (Audience) Claim presence required.
• optional clockTolerance: string | number
Clock skew tolerance
- In seconds when number (e.g. 5)
- Resolved into a number of seconds when a string (e.g. "5 seconds", "10 minutes", "2 hours").
Used when validating the JWT "nbf" (Not Before) and "exp" (Expiration Time) claims, and when
validating the "iat" (Issued At) claim if the maxTokenAge option is set.
• optional currentDate: Date
Date to use when comparing NumericDate claims, defaults to new Date().
• optional issuer: string | string[]
Expected JWT "iss" (Issuer) Claim value(s).
This option makes the JWT "iss" (Issuer) Claim presence required.
• optional maxTokenAge: string | number
Maximum time elapsed (in seconds) from the JWT "iat" (Issued At) Claim value.
- In seconds when number (e.g. 5)
- Resolved into a number of seconds when a string (e.g. "5 seconds", "10 minutes", "2 hours").
This option makes the JWT "iat" (Issued At) Claim presence required.
• optional requiredClaims: string[]
Array of required Claim Names that must be present in the JWT Claims Set. Default is that: if
the issuer option is set, then JWT "iss" (Issuer) Claim must be present; if the
audience option is set, then JWT "aud" (Audience) Claim must be present; if
the subject option is set, then JWT "sub" (Subject) Claim must be present; if
the maxTokenAge option is set, then JWT "iat" (Issued At) Claim must be
present.
• optional subject: string
Expected JWT "sub" (Subject) Claim value.
This option makes the JWT "sub" (Subject) Claim presence required.
• optional typ: string
Expected JWT "typ" (Type) Header Parameter value.
This option makes the JWT "typ" (Type) Header Parameter presence required.