-
Notifications
You must be signed in to change notification settings - Fork 0
JSON Web Tokens (JWT) validation
Nate River edited this page Aug 6, 2023
·
10 revisions
Google returns id_token as a part of token response.
Note: This property is only returned if your request included an identity scope, such as openid, profile, or email. The value is a JSON Web Token (JWT) that contains digitally signed identity information about the user.
You can use JWT class from my asset to parse JWT and validate its' signature. If you have ASP.NET backend, move this class to it.
Links: Response format: https://developers.google.com/identity/protocols/oauth2/native-app#handlingresponse JWT validation: https://developers.google.com/identity/openid-connect/openid-connect#validatinganidtoken Public keys for signature validation: https://www.googleapis.com/oauth2/v3/certs JWT debugger: https://jwt.io/