Closed mrichman closed 1 year ago
Decode the token after using https://docs.rs/jsonwebtoken/latest/jsonwebtoken/struct.Validation.html#method.insecure_disable_signature_validation
I did validation.insecure_disable_signature_validation()
but I still get ExpiredSignature
. Anything else I can do?
You need to set validate_exp
and validte_nbf
to false
as well
That did the trick, thanks!
Is it possible to decode a token without performing validation? I have unit tests where I need to retrieve just the claims from the token without calling out to a JWKS URL for validation purposes.