I just added token based authentication to my express JS application - Looks like the token type doesn't show in the decoded section.
I'm testing using https://jwt.io/
Token I used to test -
eyJhbGciOiJIUzI1NiJ9.eyJfaWQiOiJSYW4zIiwibmFtZSI6IlJhbjMgVGVzdCJ9.YPJXc4tp8NaWcboE9obwGvm-AGa6fkN1IA6y0pT7u-w"
The header section just shows up
{
"alg": "HS256"
}
I expect it to show up like this -
{
"alg": "HS256",
"typ": "JWT"
}
Please explain why the Token type is missing from the header?
I generate the token like this -
var token = jwt.sign(JSON.stringify(user_dict), app.get('superSecret'));
Thanks
The "type" is an optional setting on the header per the spec which is not typically utilized so most examples don't share how to do it. Assuming you are using this library (https://github.com/auth0/node-jsonwebtoken) you will be able to pass in options to the "header" via options.header
value which should allow you to specify the field "typ":"JWT" via
var options = { "header": { "typ": "JWT" } };
var token = jwt.sign(JSON.stringify(user_dict), app.get('superSecret'), options);