1 Answer
Hi,
The best way to verify the ID token is to use an OIDC, OAuth2, or JWT library.
Those libraries will get the public key from the JWKS endpoint associated with the issuer of the token and validate the signature. Then they will validate that the token is within its valid time boundaries (not before, not after). You can generally add additional checks on claim values, scopes, and client ID value.
We provide the following library to help you with that: https://github.com/awslabs/aws-jwt-verify
Jeff
answered 9 months ago
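The checks described in the answer above (key lookup in the JWKS, signature, time bounds, issuer and client ID), written out with Node's built-in crypto as an added example; it is not code from the answer or from aws-jwt-verify. The issuer URL, client ID, key ID and key pair are constructed, and the JWKS is built in memory instead of being fetched from the issuer's endpoint.

```javascript
const nodeCrypto = require('node:crypto');

const b64u = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const fromB64u = (s) => JSON.parse(Buffer.from(s, 'base64url').toString());

// Verify an RS256 token against a JWKS; throws on failure, returns the claims.
function verifyIdToken(token, jwks, { issuer, clientId, now = Math.floor(Date.now() / 1000) }) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  const header = fromB64u(h);
  // Pin the algorithm on the verifier side instead of trusting the header.
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const jwk = jwks.keys.find((k) => k.kid === header.kid && k.kty === 'RSA');
  if (!jwk) throw new Error('unknown kid');
  const key = nodeCrypto.createPublicKey({ key: { kty: jwk.kty, n: jwk.n, e: jwk.e }, format: 'jwk' });
  const sig = Buffer.from(s, 'base64url');
  if (!nodeCrypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), key, sig)) throw new Error('bad signature');
  // Claims are read only after the signature has been verified.
  const claims = fromB64u(p);
  if (typeof claims.exp !== 'number' || now >= claims.exp) throw new Error('expired');
  if (typeof claims.nbf === 'number' && now < claims.nbf) throw new Error('not yet valid');
  if (claims.iss !== issuer) throw new Error('wrong issuer');
  // "aud" may be a string or an array of strings.
  if (![].concat(claims.aud).includes(clientId)) throw new Error('wrong audience');
  return claims;
}

// Constructed fixtures: a throwaway key pair stands in for the issuer's JWKS endpoint.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const JWKS = { keys: [{ ...publicKey.export({ format: 'jwk' }), kid: 'demo-key-1', use: 'sig' }] };
const ISSUER = 'https://issuer.example.com';
const CLIENT_ID = 'example-client-id';

// Sign constructed claims the way an issuer would (RS256, kid in the header).
function signToken(claims, key = privateKey) {
  const input = `${b64u({ alg: 'RS256', kid: 'demo-key-1', typ: 'JWT' })}.${b64u(claims)}`;
  return `${input}.${nodeCrypto.sign('RSA-SHA256', Buffer.from(input), key).toString('base64url')}`;
}

// Returns 'ok' or the rejection reason, so each failure mode is visible.
function check(token, now) {
  try { verifyIdToken(token, JWKS, { issuer: ISSUER, clientId: CLIENT_ID, now }); return 'ok'; }
  catch (e) { return e.message; }
}
```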