| Method | Resource | Purpose |
|---|---|---|
| GET | /tokens/:token | Verifies an access token and returns its payload if valid |
GET /tokens/:token
Verifies an access token and returns its payload if valid.
The returned payload adheres to the RFC 7519 (JSON Web Token) specification.
Parameters
| Parameter | Type | Mandatory | Description |
|---|---|---|---|
| :token | Path | Yes | The access token to verify |
Response
sub: string; // the user's email address
aud: string; // the domain where this user has granted access
iss: string; // the issuer (i.e. nopwd.io)
exp: number; // the expiration time of this token (POSIX time in seconds)
iat: number; // the issuance time of this token (POSIX time in seconds)
jti: string; // a unique identifier for the authentication flow
amr: string[]; // a list of authentication methods used to generate this token, e.g., "webauthn" or "magiclink"
| Code | Description |
|---|---|
| 200 | The token is valid and has not expired |
| 400 | The access token is malformed |
| 401 | The access token is invalid (expired signature key or incorrect token signature) |
| 403 | The access token has an incorrect issuer (iss != nopwd.io) |
| 404 | The access token is valid but has expired (exp < now) |
Usage
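const response = await fetch(`https://api.nopwd.io/v0/tokens/${access_token}`);
// Only a 200 response carries a payload; see the status codes above.
if (!response.ok) throw new Error(`Token verification failed: HTTP ${response.status}`);
const jwt = <JwtPayload>await response.json(); // json() returns a Promise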
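The following is an added example, not code from nopwd.io: a caller that maps the documented status codes to reasons and then checks the returned claims against its own domain and accepted authentication methods. The page does not say whether the endpoint compares `aud` with the calling site, so the example assumes the caller must do it; `checkClaims`, `verifyToken`, `HttpGet` and `STATUS_REASON` are hypothetical names.

```typescript
// Added example; all names except the payload fields are hypothetical.
interface JwtPayload {
  sub: string; aud: string; iss: string;
  exp: number; iat: number; jti: string; amr: string[];
}

// Minimal HTTP shape so a stub can stand in for fetch during tests.
type HttpGet = (url: string) => Promise<{ status: number; json(): Promise<unknown> }>;

// Reasons for the non-200 status codes documented in the table above.
const STATUS_REASON: Record<number, string> = {
  400: "malformed token",
  401: "invalid signature or expired signing key",
  403: "incorrect issuer",
  404: "token expired",
};

// Local checks on a payload the API has already accepted.
// Returns null when every check passes, otherwise the reason for rejection.
function checkClaims(p: JwtPayload, expectedAud: string, allowedAmr: string[], nowSec: number): string | null {
  if (p.iss !== "nopwd.io") return "unexpected issuer";
  // Assumption: the caller must confirm the token was granted for its own domain.
  if (p.aud !== expectedAud) return "token was issued for another domain";
  if (p.exp < nowSec) return "token expired";
  if (!p.amr.some((m) => allowedAmr.indexOf(m) !== -1)) return "authentication method not allowed";
  return null;
}

// Pass the platform fetch as `get`, e.g. verifyToken(token, "app.example.com", ["webauthn"], fetch).
async function verifyToken(token: string, expectedAud: string, allowedAmr: string[], get: HttpGet): Promise<JwtPayload> {
  const res = await get(`https://api.nopwd.io/v0/tokens/${encodeURIComponent(token)}`);
  if (res.status !== 200) {
    throw new Error(STATUS_REASON[res.status] ?? `unexpected status ${res.status}`);
  }
  const payload = (await res.json()) as JwtPayload;
  const problem = checkClaims(payload, expectedAud, allowedAmr, Math.floor(Date.now() / 1000));
  if (problem) throw new Error(problem);
  return payload;
}
```

Restricting `allowedAmr` lets a site require, for example, "webauthn" for sensitive actions while still accepting "magiclink" elsewhere.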