verify
Ce contenu n’est pas encore disponible dans votre langue.
Verify the signature of a JWT and validate standard claims (exp, nbf, iss, etc.). Exits with code 1 if the token is invalid or the signature does not match.
jwtop verify <token> [--secret <secret>] [--key <pem-file>] [--jwks <uri>]Exactly one key source must be provided.
| Flag | Description |
|---|---|
--secret | HMAC secret string (for HS256, HS384, HS512) |
--key | Path or URL to a PEM-encoded public or private key file (RSA, EC, Ed25519) |
--jwks | URL of a JWKS endpoint |
Examples
Section titled “Examples”HMAC secret
jwtop verify $TOKEN --secret mysecretRSA or EC public key file
jwtop verify $TOKEN --key /path/to/public.pemjwtop verify $TOKEN --key https://example.com/public.pemJWKS endpoint
jwtop verify $TOKEN --jwks https://example.com/.well-known/jwks.jsonExit codes
Section titled “Exit codes”| Code | Meaning |
|---|---|
0 | Token is valid |
1 | Token is invalid, signature mismatch, or structural error |