Decoding the token doesn't work
Options
![SB](https://us.v-cdn.net/6037124/user_avatars/2138481.jpg)
SB
Member ✭
I go to https://jwt.io/ to try to decode my token but it says that the token is not a proper json (see image). Is it not possible to decode a Xano auth token?
[image.png]
[image.png]
Comments
-
The Xano Authentication token is a JWE token which means the encrypted version of a JWT token. This is on purpose.
You can definitely decode the token, but you need the secret key applied to your workspace. -
So, if access token is expired we can't even debug it to understand what's wrong?
Or is it possible to get access to the secret key applied to our workspaces?
-
Hey @Ivan Pomortsev, the Xano built in auth comes with limitations, but you can roll your own access token regime if you want to get around them and be able to inspect tokens yourself. The security functions in Xano make that relatively painless, and you can just drop the function that validates the token at the top of each of your would-be authenticated endpoints. It's a bit more work, but not a ton. (I did something like this for an iteration of ethereum wallet based authentication)
Categories
- All Categories
- 53 ? Announcements
- 47 ? Releases
- 37 ? Welcome
- 983 ? Help! I'm a Noob
- 125 ? No-Code Front-Ends
- 633 ? Working with APIs
- 439 ? Transforming data
- 126 ? Connect Xano to ...
- 50 ?? Find an Expert
- 348 ❓Other questions
- 35 ? Security
- 22 ✂️ Snippets
- 19 ? Showcase
- 7 ?️ Xano Chatter
- 62 ? Video Tutorials
- 171 ? Request a feature
- 229 ? Report a Bug
- 19 ? Templates & Extensions
- 7 ? Feedback