
A library to help you decode JWTs in Swift

Primary language: Swift. License: MIT.

JWTDecode.swift


Easily decode a JWT and access the claims it contains.

⚠️ This library doesn't validate the JWT. Any well-formed JWT can be decoded from Base64URL.

Migrating from v2? Check the Migration Guide.



Requirements

  • iOS 12+ / macOS 10.15+ / tvOS 12.0+ / watchOS 6.2+
  • Xcode 13.x / 14.x
  • Swift 5.5+

⚠️ Check the Support Policy to learn when dropping Xcode, Swift, and platform versions will not be considered a breaking change.

Installation

Swift Package Manager

Open the following menu item in Xcode:

File > Add Packages...

In the Search or Enter Package URL search box enter this URL:

https://github.com/auth0/JWTDecode.swift

Then, select the dependency rule and press Add Package.

💡 For further reference on SPM, check its official documentation.

Cocoapods

Add the following line to your Podfile:

pod 'JWTDecode', '~> 3.0'

Then, run pod install.

💡 For further reference on Cocoapods, check their official documentation.

Carthage

Add the following line to your Cartfile:

github "auth0/JWTDecode.swift" ~> 3.0

Then, run carthage bootstrap --use-xcframeworks.

💡 For further reference on Carthage, check their official documentation.

Usage

See all the available features in the API documentation ↗

  1. Import the framework

import JWTDecode

  2. Decode the token

let jwt = try decode(jwt: token)

JWT parts

| Part | Property |
| --- | --- |
| Header dictionary | jwt.header |
| Claims in JWT body | jwt.body |
| JWT signature | jwt.signature |

Registered claims

| Claim | Property |
| --- | --- |
| aud Audience | jwt.audience |
| sub Subject | jwt.subject |
| jti JWT ID | jwt.identifier |
| iss Issuer | jwt.issuer |
| nbf Not Before | jwt.notBefore |
| iat Issued At | jwt.issuedAt |
| exp Expiration Time | jwt.expiresAt |

Custom claims

You can retrieve a custom claim through a subscript and then attempt to convert the value to a specific type.

if let email = jwt["email"].string {
    print("Email is \(email)")
}

The supported conversions are:

var string: String?
var boolean: Bool?
var integer: Int?
var double: Double?
var date: Date?
var array: [String]?

You can easily add a convenience accessor for a custom claim in an extension.

extension JWT {
    var myClaim: String? {
        return self["my_claim"].string
    }
}

Error handling

If the JWT is malformed, the decode(jwt:) function will throw a JWTDecodeError.

do {
    let jwt = try decode(jwt: token)
    print(jwt.body)
} catch let error as JWTDecodeError {
    print(error) // the token is malformed
}
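Because decode(jwt:) only parses the token, any claim it returns is unauthenticated input. The following added example (not code from the JWTDecode.swift project) checks the registered claims before an app relies on them; ClaimCheck, checkClaims, the 60-second leeway, and the expected issuer and audience parameters are hypothetical names and values chosen for illustration.

```swift
import Foundation
import JWTDecode

// Hypothetical result type for this example; not part of JWTDecode.
enum ClaimCheck: Equatable {
    case usable
    case rejected(String)
}

// Checks the registered claims of a decoded token.
// The signature is NOT verified here (JWTDecode does not do that), so the
// result is suitable for client-side decisions such as "refresh the session",
// never as an authorization decision. The API that receives the token must
// still verify its signature.
func checkClaims(of token: String,
                 expectedIssuer: String,      // placeholder supplied by the caller
                 expectedAudience: String,    // placeholder supplied by the caller
                 now: Date = Date(),
                 leeway: TimeInterval = 60) -> ClaimCheck {
    let jwt: JWT
    do {
        jwt = try decode(jwt: token)
    } catch {
        // JWTDecodeError: wrong part count, invalid Base64URL, or invalid JSON.
        return .rejected("malformed token: \(error)")
    }

    // An unsigned token decodes just as well as a signed one, so flag it early.
    guard let alg = jwt.header["alg"] as? String, alg.lowercased() != "none" else {
        return .rejected("missing or 'none' alg")
    }
    guard jwt.issuer == expectedIssuer else {
        return .rejected("unexpected iss")
    }
    // aud may hold one or several values; JWTDecode exposes it as [String]?.
    guard jwt.audience?.contains(expectedAudience) == true else {
        return .rejected("unexpected aud")
    }
    // Treat a token without exp as unusable rather than as never expiring.
    guard let expiresAt = jwt.expiresAt else {
        return .rejected("missing exp")
    }
    if now.addingTimeInterval(-leeway) >= expiresAt {
        return .rejected("expired")
    }
    if let notBefore = jwt.notBefore, now.addingTimeInterval(leeway) < notBefore {
        return .rejected("not yet valid")
    }
    return .usable
}
```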

Support Policy

This Policy defines the extent of the support for Xcode, Swift, and platform (iOS, macOS, tvOS, and watchOS) versions in JWTDecode.swift.

Xcode

The only supported versions of Xcode are those that can be currently used to submit apps to the App Store. Once an Xcode version becomes unsupported, dropping it from JWTDecode.swift will not be considered a breaking change, and will be done in a minor release.

Swift

The minimum supported Swift minor version is the one released with the oldest-supported Xcode version. Once a Swift minor becomes unsupported, dropping it from JWTDecode.swift will not be considered a breaking change, and will be done in a minor release.

Platforms

Only the last 4 major platform versions are supported, starting from:

  • iOS 12
  • macOS 10.15
  • Catalyst 13
  • tvOS 12
  • watchOS 6.2

Once a platform version becomes unsupported, dropping it from JWTDecode.swift will not be considered a breaking change, and will be done in a minor release. For example, iOS 12 will cease to be supported when iOS 16 gets released, and JWTDecode.swift will be able to drop it in a minor release.

In the case of macOS, the yearly named releases are considered a major platform version for the purposes of this Policy, regardless of the actual version numbers.

Issue Reporting

For general support or usage questions, use the Auth0 Community forums or raise a support ticket. Only raise an issue if you have found a bug or want to request a feature.

Do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

What is Auth0?

Auth0 helps you to:

  • Add authentication with multiple sources, either social identity providers such as Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce (amongst others), or enterprise identity systems like Windows Azure AD, Google Apps, Active Directory, ADFS, or any SAML identity provider.
  • Add authentication through more traditional username/password databases.
  • Add support for linking different user accounts with the same user.
  • Support for generating signed JSON web tokens to call your APIs and flow the user identity securely.
  • Analytics of how, when, and where users are logging in.
  • Pull data from other sources and add it to the user profile through JavaScript Actions.

Why Auth0? Because you should save time, be happy, and focus on what really matters: building your product.

License

This project is licensed under the MIT license. See the LICENSE file for more info.

