JWT-based user authentication provider
Verifies JWT tokens and extracts user IDs from claims. Use for multi-tenant deployments where users authenticate via JWT.
// HS256 with shared secretconst userAuth = new JWTUserAuth({ secret: process.env.JWT_SECRET!, issuer: 'https://auth.example.com', audience: 'api.example.com',});// RS256 with public keyconst userAuth = new JWTUserAuth({ publicKey: process.env.JWT_PUBLIC_KEY!, issuer: 'https://auth.example.com',});// RS256 with JWKS URL (dynamic key rotation)const userAuth = new JWTUserAuth({ jwksUrl: 'https://auth.example.com/.well-known/jwks.json', issuer: 'https://auth.example.com', audience: 'api.example.com',}); Copy
// HS256 with shared secretconst userAuth = new JWTUserAuth({ secret: process.env.JWT_SECRET!, issuer: 'https://auth.example.com', audience: 'api.example.com',});// RS256 with public keyconst userAuth = new JWTUserAuth({ publicKey: process.env.JWT_PUBLIC_KEY!, issuer: 'https://auth.example.com',});// RS256 with JWKS URL (dynamic key rotation)const userAuth = new JWTUserAuth({ jwksUrl: 'https://auth.example.com/.well-known/jwks.json', issuer: 'https://auth.example.com', audience: 'api.example.com',});
Extract and verify user ID from JWT token
HTTP request object with Authorization header
User ID from verified JWT claims
Error if token missing, invalid, expired, or claims invalid
JWT-based user authentication provider
Verifies JWT tokens and extracts user IDs from claims. Use for multi-tenant deployments where users authenticate via JWT.
Example