Is there a standard way to generate paseto tokens with human-readable payload without verification?

[iambumblehead]

Hello,

I'm using the PASETO package here https://www.npmjs.com/package/paseto to generate PASETO tokens and am trying to understand if there is a standard way to generate a PASETO token that yields human-readable payload without verification.

The reason for this is, some oauth flows return a JWT "id_token" yielding user data, such as a display_name. link. Because JWT tokens are used in these flows, the data is readable without decryption or verification. If possible, I'd like to generate a PASETO id_token.

Thank you for any response you may have.

[aidantwoods]

PASETO in public mode doesn't require decryption, though does require checking the signature is valid. Is this perhaps what you want? This is done using a public key (so doesn't require any secrets).

PASETO is not the right tool if you want tokens that aren't verified at all though.

[iambumblehead]

@aidantwoods thank you. I think you have answered my question. I was hoping there might be another way that would not require even the public key but I understand PASETO is not meant to facilitate such scenarios.