/azure-ad-verify-token

Verify JWT issued by Azure Active Directory B2C.

Primary LanguageTypeScriptMIT LicenseMIT

NPM Version CI Dependency Status Dev Dependency Status Codecov

Azure AD Verify Token

Verify JWT issued by Azure Active Directory B2C.

Table of Contents

Features

  • 🎉 Verify JWT issued by Azure Active Directory B2C.
  • 🚀 Automatically use the rotated public keys from Azure.
  • 💪 Written in TypeScript.
  • ♻️ Configurable cache for public keys.

Installation

npm install azure-ad-verify-token --save

Usage

Verify

import { verify, VerifyOptions } from 'azure-ad-verify-token';

const options: VerifyOptions = {
  jwksUri: 'https://contoso.b2clogin.com/contoso.onmicrosoft.com/discovery/v2.0/keys?p=b2c_1_signupsignin1',
  issuer: 'https://contoso.b2clogin.com/3285c484-dce5-4abb-a341-bbe4f2bc8554/v2.0/',
  audience: '99d1275c-e805-483f-b832-600f8130829c'
};

verify(token, options)
  .then(decoded => {
    // verified and decoded token
    console.log(decoded);
  })
  .catch(error => {
    // invalid token
    console.error(decoded);
  });

Verify options:

Property Type Description
jwksUri string jwk_uri value obtained from B2C policy metadata endpoint.
issuer string issuer value obtained from B2C policy metadata endpoint.
audience string Application ID of the application accessing the tenant.

Example metadata endpoints:

Configuration

import { setConfig } from 'azure-ad-verify-token';

setConfig({
  cacheLifetime: 12 * (60 * 60 * 1000) // 12 hours
});

Configuration options:

Property Type Description Default
cacheLifetime number Number of milliseconds to cache public keys. 1 hour

References

Development

npm install
npm run build