Generated on May 8, 2024 via pnpm

Npm

Home

jsonwebtoken 9.0.2

JSON Web Token implementation (symmetric and asymmetric)

jwt

Package summary

issues

licenses

Package created

1 Jul 2013

Version published

30 Aug 2023

Maintainers

Total deps

Direct deps

License

MIT

Issues

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

12 Packages, Including:

jsonwebtoken@9.0.2

jwa@1.4.1

jws@3.2.2

lodash.includes@4.3.0

lodash.isboolean@3.0.3

lodash.isinteger@4.0.4

lodash.isnumber@3.0.3

lodash.isplainobject@4.0.6

lodash.isstring@4.0.1

lodash.once@4.1.1

ms@2.1.3

safe-buffer@5.2.1

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

1 Packages, Including:

buffer-equal-constant-time@1.0.1

Apache License 2.0

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

use-patent-claims

place-warranty

Cannot

hold-liable

use-trademark

Must

include-copyright

include-license

state-changes

include-notice

1 Packages, Including:

ecdsa-sig-formatter@1.0.11

ISC License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

hold-liable

Must

include-copyright

include-license

1 Packages, Including:

semver@7.6.1

Direct Dependencies

All Dependencies CSV

ⓘ This is a list of jsonwebtoken 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type
jws	3.2.2	5.75 kB	MIT	prod
lodash.includes	4.3.0	6.05 kB	MIT	prod
lodash.isboolean	3.0.3	2.06 kB	MIT	prod
lodash.isinteger	4.0.4	3.38 kB	MIT	prod
lodash.isnumber	3.0.3	2.14 kB	MIT	prod
lodash.isplainobject	4.0.6	2.96 kB	MIT	prod
lodash.isstring	4.0.1	2.13 kB	MIT	prod
lodash.once	4.1.1	3.81 kB	MIT	prod
ms	2.1.3	2.9 kB	MIT	prod
semver	7.6.1	93.27 kB	ISC	prod

Tree

Treemap

Frequently Asked Questions

What does jsonwebtoken do?

jsonwebtoken is a reliable JavaScript library that implements JSON Web Tokens (JWTs). JWT is a standard way to create access tokens with detailed explicit claims that are securely encrypted with a private and/or public key. The tokens are used mainly for authentication and secure information exchange.

How do you use jsonwebtoken?

To make use of jsonwebtoken, you first need to install it through npm with the command npm install jsonwebtoken. Once installed, you can require the library in your JavaScript code with var jwt = require('jsonwebtoken');.

Creating JWTs requires the sign method, which creates a new token with a specific payload and secret. Here is a simple demonstration of its usage:

var jwt = require('jsonwebtoken');
var token = jwt.sign({ foo: 'bar' }, 'shhhhh');

In this instance, { foo: 'bar' } is the payload and 'shhhhh' stands as the secret. The sign method will return a token string.

To verify the integrity of the token, jsonwebtoken provides the verify function which checks if the token is valid using a secret or a public key. If successful, a decoded payload is returned. A failure will throw an error.

var decodedPayload = jwt.verify(token, 'shhhhh');
console.log(decodedPayload.foo) // Outputs: bar

In the above example, the verify method accepts several options for doing things like checking the issuer, verifying correct audience, or checking token lifespan.

Where are the jsonwebtoken docs?

The jsonwebtoken documentation, including more detailed instructions and usage examples, is available on their GitHub repository at https://github.com/auth0/node-jsonwebtoken.