pink612 pink612 - 1 year ago 79
JSON Question

Express JS and JWT - Token Type not shown in decoded header

I just added token based authentication to my express JS application - Looks like the token type doesn't show in the decoded section.

I'm testing using

Token I used to test -


The header section just shows up

"alg": "HS256"

I expect it to show up like this -

"alg": "HS256",
"typ": "JWT"

Please explain why the Token type is missing from the header?

I generate the token like this -

var token = jwt.sign(JSON.stringify(user_dict), app.get('superSecret'));


Answer Source

The "type" is an optional setting on the header per the spec which is not typically utilized so most examples don't share how to do it. Assuming you are using this library ( you will be able to pass in options to the "header" via options.header value which should allow you to specify the field "typ":"JWT" via

var options = { "header": { "typ": "JWT" } };
var token = jwt.sign(JSON.stringify(user_dict), app.get('superSecret'), options);
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download