Name: express-jwt-authz
Owner: Auth0
Description: Validate the JWT scope to authorize access to an endpoint
Created: 2016-05-21 04:20:22.0
Updated: 2018-05-06 21:27:47.0
Pushed: 2018-03-14 21:44:50.0
Homepage: null
Size: 3
Language: JavaScript
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
Validate a JWTs scope
to authorize access to an endpoint.
$ npm install express-jwt-authz
Use together with express-jwt to both validate a JWT and make sure it has the correct permissions to call an endpoint.
jwt = require('express-jwt');
jwtAuthz = require('express-jwt-authz');
get('/users',
t({ secret: 'shared_secret' }),
tAuthz([ 'read:users' ]),
nction(req, res) { ... });
The JWT must have a scope
claim and it must be a string that specifies permissions separated by spaces. For example:
te:users read:users"
If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
This project is licensed under the MIT license. See the LICENSE file for more info.