JWT.EXTRACT

JWT.EXTRACT will extract the payload of a supplied JWT using a given algorithm as an object.

Xapix currently supports the HS256, HS384, HS512 algorithms.

Function category: JWT

The JWS.EXTRACT function is very similar to the JWS.VERIFY function, except the following:

  • With a successfully verified JWT, this function returns a response wrapped in a data envelope with the key payload

  • With a failed verification, this function returns the key error pointing to an error message. If it encounters an error, it will abort the pipeline.

Syntax

JWT.EXTRACT(arg1, arg2, arg3, [args...])

Arguments

Description

arg1

String denoting the algorithm used in encryption.

arg2

String of input data from which to verify and extract payload.

arg3

String, which is the signature that must be matched.

[args...]

Additional set of arguments for usage with certain subsets of algorithms.

Examples

Example 1: Extract payload from a signed JWT

Let's say we receive the following JWT that has been encoded with the HS256 algorithm:

eyJhbGciOiJIUzI1NiJ9.
eyJuaWwiOls0LDUsInF3ZSJdfQ.
slTZMJTvamnCLdyAk4x_HrIkK_SESjboxdHiuFj-meM

We want to extract the payload, we can use JWT.EXTRACT.

JWT.EXTRACT('HS256', 'eyJhbGciOiJIUzI1NiJ9.eyJuaWwiOls0LDUsInF3ZSJdfQ.slTZMJTvamnCLdyAk4x_HrIkK_SESjboxdHiuFj-meM', 'password')

This returns the following parsed payload:

{"foo" 1 "bar" [4 5 "qwe"]}