Decode JWT access token without validation

Considering that the app is verifying the JWT access token [with SciGateway Auth](https://github.com/icatproject/search_api/blob/main/api/auth.py#L19-L22) it means that it is fine to decode the [JWT access token without validation](https://pyjwt.readthedocs.io/en/latest/usage.html#reading-the-claimset-without-validation) when getting its payload. By doing this, the app will no longer have to use the public key from SciGateway Auth.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Decode JWT access token without validation #2

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Decode JWT access token without validation #2

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions