{"id":18552384,"url":"https://github.com/traviswimer/cognito-jwt-verifier","last_synced_at":"2025-05-15T11:12:39.191Z","repository":{"id":57202874,"uuid":"137687736","full_name":"traviswimer/cognito-jwt-verifier","owner":"traviswimer","description":"Verifies and decodes an AWS Cognito JWT token.","archived":false,"fork":false,"pushed_at":"2022-07-17T01:28:27.000Z","size":164,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-01-26T10:17:29.937Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/traviswimer.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-06-17T21:17:56.000Z","updated_at":"2022-07-17T01:27:26.000Z","dependencies_parsed_at":"2022-09-17T04:10:24.456Z","dependency_job_id":null,"html_url":"https://github.com/traviswimer/cognito-jwt-verifier","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/traviswimer%2Fcognito-jwt-verifier","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/traviswimer%2Fcognito-jwt-verifier/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/traviswimer%2Fcognito-jwt-verifier/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/traviswimer%2Fcognito-jwt-verifier/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/traviswimer","download_url":"https://codeload.github.com/traviswimer/cognito-jwt-verifier/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239278507,"owners_count":19612329,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-06T21:14:04.867Z","updated_at":"2025-02-17T10:43:26.215Z","avatar_url":"https://github.com/traviswimer.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# cognito-jwt-verifier\n\n\u003e Verifies and decodes an AWS Cognito JWT token.\n\u003e\n\u003e **Warning**\n\u003e AWS now supports their own library for this purpose. You likely want to use it instead:\n\u003e\n\u003e [aws-jwt-verify](https://www.npmjs.com/package/aws-jwt-verify)\n\n## Installation\n\n`yarn add cognito-jwt-verifier`\n\n`npm install cognito-jwt-verifier`\n\n## Usage\n\n**Simple example:**\n\n```Javascript\nimport CognitoJwtVerifier from \"cognito-jwt-verifier\";\nconst verifier = new CognitoJwtVerifier();\n\nverifier.verifyToken({\n\ttoken: 'AwsCognitoToken',\n\taws_region: 'us-east-1',\n\tuserpool_id: 'AwsUserpoolId',\n\tuserpool_client_id: 'AwsUserpoolClientId'\n}).then((decoded_token)=\u003e{\n\t// Token is valid\n\tconsole.log(decoded_token);\n}).catch((err)=\u003e{\n\t// Token is invalid or another error occurred\n\tconsole.error(err)\n});\n```\n\n## What it does\n\nThis package is based on information from the following AWS documentation:\n[https://aws.amazon.com/premiumsupport/knowledge-center/decode-verify-cognito-json-token/](https://aws.amazon.com/premiumsupport/knowledge-center/decode-verify-cognito-json-token/)\n\nIt performs the following tasks:\n\n1. Reads the `kid`(key ID) from the token header, and uses it to retrieve the correct public key from AWS.\n2. Uses the public key and the token to verify the token signature, using [jsonwebtoken](https://www.npmjs.com/package/jsonwebtoken).\n3. Checks that the token expiry timestamp is still a time in the future.\n4. Checks that the `aud` token property matches the ID of the intended AWS userpool client.\n\n**If you believe there may be a security flaws in this implementation, please open an issue ASAP.**\n\n## API\n\n### CognitoJwtVerifier\n\n#### verifyToken({ token, aws_region, userpool_id, userpool_client_id })\n\n- _token_ (string) - The AWS Cognito token to be verified.\n- _aws_region_ (string) - The AWS region the userpool is located in.\n- _userpool_id_ (string) - The ID of the userpool to be verified against.\n- _userpool_client_id_ (string) - The ID of the userpool client to be verified against.\n\n**returns a promise:**\n\n- Resolves with: (Object) The decoded JWT token.\n\n## Project Links\n\n- [NPM](https://www.npmjs.com/package/cognito-jwt-verifier)\n- [GitHub](https://github.com/traviswimer/cognito-jwt-verifier)\n\n## Author\n\n#### Travis Wimer\n\n- \u003ca href=\"https://traviswimer.com/developer-portfolio\" title=\"React Native, React, NodeJS, UI/UX Developer\" target=\"_blank\"\u003eDeveloper Portfolio\u003c/a\u003e\n- \u003ca href=\"https://traviswimer.com/blog\" title=\"React Native, React, NodeJS, UI/UX Blog\" target=\"_blank\"\u003eBlog\u003c/a\u003e\n- \u003ca href=\"https://www.linkedin.com/in/traviswimer/\" title=\"Developer Resume\" target=\"_blank\"\u003eLinkedIn\u003c/a\u003e\n- \u003ca href=\"https://twitter.com/Travis_Wimer\" title=\"Travis Wimer | Software Developer\" target=\"_blank\"\u003eTwitter\u003c/a\u003e\n- \u003ca href=\"https://traviswimer.com/developer-portfolio/cognito-jwt-verifier\" title=\"cognito-jwt-verifier | Travis Wimer\" target=\"_blank\"\u003ecognito-jwt-verifier Portfolio Page\u003c/a\u003e\n\n## License\n\nMIT. Copyright © 2022 Travis Wimer\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftraviswimer%2Fcognito-jwt-verifier","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftraviswimer%2Fcognito-jwt-verifier","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftraviswimer%2Fcognito-jwt-verifier/lists"}