Are there any examples of validating a JWT on node.js and express?
I'm trying to use Okta's OpenID Connect feature to generate an id_token in a web app, which then gets passed to my REST endpoints to authorise the user.
I've tried using the https://github.com/auth0/express-jwt Express middleware, but this doesn't seem to work with JWK and key rotation which Okta's OpenID Connect feature uses (see my issue on that project: https://github.com/auth0/express-jwt/issues/166 ).
I've also found https://devstufftoremember.wordpress.com/2017/04/12/verify-jwt-access_token-jsw-using-jwk-and-node-js/ that uses the node-jose package to verify a JWT token using JWK keys. I can't find any middleware for that, so I might try writing my own.
Good morning Martin, Here are some articles that might be helpful: - https://github.com/auth0/node-jwks-rsa/tree/master/examples/express-demo - http://stackoverflow.com/questions/32634817/express-js-node-js-okta-getting-user-and-groups-info
And also here is our developer article regarding Okta OpenID Connect: https://help.okta.com/en/prev/Content/Topics/Apps/Apps_App_Integration_Wizard.htm#OIDCWizard
If you still have questions or issues, I would recommend you to visit our developer's support page here : https://developer.okta.com/ you also can send your questions to firstname.lastname@example.org which will automatically create a ticket with our developers.
Thank you, Behrouz Ghorchi Technical Support Engineer Okta Global Customer Care