You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Sep 18, 2021. It is now read-only.
Possible that you guys could give a short comment on all above scripts?
Is it just the the purpose of decoding, showing content of the tokens in the browser?
In real world applications would people do stuff like that? Is the more used approach not to use the token to ask the user endpoint to get the claims / profile.
I am wondering if you have a good usecase where you have used this in real world applications to decode the jwt tokens on the client.
The text was updated successfully, but these errors were encountered:
We will eventually provide some JS to validate id tokens and this is a JS library we are using for now to do that (since it already implemented all the JWT validation).
The OIDC spec requires that the first thing you do in your client app is to validate the identity token. This sample will eventually show how this works in JS. But we are done yet.
I figured that it was not done, some other comment/task here indicated it.
Makes sense. So validate the identity token.
The reason why I might not have seen this before when working with oauth2, could it be normal behavior that you just request a token and pass it on to the resource api again and its not important to validate the token if its not used in the client but only to access remote resources.
Possible that you guys could give a short comment on all above scripts?
Is it just the the purpose of decoding, showing content of the tokens in the browser?
In real world applications would people do stuff like that? Is the more used approach not to use the token to ask the user endpoint to get the claims / profile.
I am wondering if you have a good usecase where you have used this in real world applications to decode the jwt tokens on the client.
The text was updated successfully, but these errors were encountered: