Can I use the contents of the OfficeJS bootstrap token

In my Word Addin I obtain a bootstrap token with the command:

const bootstrapToken = await OfficeRuntime.auth.getAccessToken();

I send this token to the backend to verify if the user has the right to our service. For that purpose I need some information about the user. When I inspect the token on the jwt.io website I can see that the information I need is present in the token.

My question: Can I decode the token and extract the necessary information or do I need to use the bootstrap token to call MSGraph and get my information from there?

Solution

If all the information you need is in the bootstrap token, then you can just extract it and use it.

Calling api request inside an interceptor for jwt refresh token going to an infinite loop
Blazor WASM - Component State from Server Missing
Spring security JWT without OAuth
Get Access Token from Microsoft Graph for ClientId with delegated permissions
Azure Access token just created but not capable to verify that is authentic
Invalidation of previous JWT Tokens in Django Rest Framework
Use delegated permissions with Client App Registration
Create middleware which rewrites headers and redirects url to API server
Using Postman Vault secrets in JWT generation in Pre-request script
JWT token authentication fails with message "PII is hidden"
How to decode JWT Token?
Authorized Client Applications not working with azure-cli
Getting user data through an Azure AD OAuth login - React Native Expo App
How to properly handle token expiry with Auth.js (NextAuth v5)?
Two blazor server apps sharing same Authentication Library Project and same Library Project for SignalR communication
Error with autowiring in WebSecurityConfiguration bean Spring boot security
java-jwt with public/private keys
Azure generation token invalid signature
What is secret key for JWT based authentication and how to generate it?
How to generate JWT in PHP
Is it possible to create a JWT authentication or something similar in Node.js without using frameworks?
Generating JWT token with JwtUtil class in Spring Boot resulting in NullPointerException
Cannot find a way to decrypt a JWE token in python (but created in ASP.Net) using jwcrypto
Node.js JWT refresh token in express middleware
Why isn't my "refresh token" cookie included in Axios requests, even with withCredentials enabled?
How to verify JWT id_token produced by MS Azure AD?
Problem with JWT authorization in ASP.NET Core
Options for token storage and refresh in SPAs
How can I decode a google OAuth 2.0 JWT (OpenID Connect) in a node app?
Revoking JWT with No Expiration