Optional
algorithmsOptional
audienceExpected JWT "aud" (Audience) Claim value(s).
Optional
clockExpected clock tolerance
Optional
critAn object with keys representing recognized "crit" (Critical) Header Parameter names. The value
for those is either true
or false
. true
when the Header Parameter MUST be integrity
protected, false
when it's irrelevant.
This makes the "Extension Header Parameter "..." is not recognized" error go away.
Use this when a given JWS/JWT/JWE profile requires the use of proprietary non-registered "crit" (Critical) Header Parameters. This will only make sure the Header Parameter is syntactically correct when provided and that it is optionally integrity protected. It will not process the Header Parameter in any way or reject the operation if it is missing. You MUST still verify the Header Parameter was present and process it according to the profile's validation steps after the operation succeeds.
The JWS extension Header Parameter b64
is always recognized and processed properly. No other
registered Header Parameters that need this kind of default built-in treatment are currently
available.
Optional
currentDate to use when comparing NumericDate claims, defaults to new Date()
.
Optional
issuerExpected JWT "iss" (Issuer) Claim value(s).
Optional
maxMaximum token age in seconds.
Optional
requiredArray of required Claim Names that must be present in the JWT Claims Set. Default is that: if the issuer option is set, then "iss" must be present; if the audience option is set, then "aud" must be present; if the subject option is set, then "sub" must be present; if the JWTClaimVerificationOptions.maxTokenAge maxTokenAge option is set, then "iat" must be present.
Subject Identifier. It MUST match the Subject Claim from the ICT.
Optional
typExpected Type.
Generated using TypeDoc
A list of accepted JWS "alg" (Algorithm) Header Parameter values. By default all "alg" (Algorithm) values applicable for the used key/secret are allowed. Note: "none" is never accepted.