Aidbox User Docs

Run Aidbox locally Run Aidbox in Sandbox Talk to us Ask community

Tokens processing

The article explains, how Aidbox treats access tokens

Token types

There are two types of token Aidbox supports:

opaque strings are treaded as is. Aidbox does not parse such tokens and not validate them
JWTs could be parsed and their signature could be checked as well

Parsing and validating `JWT`

Aidbox parses JWT tokens every time it receives it. Main steps in parsing and validating JWT strings are:

to check if token string looks like JWT
to parse string to JWT object
to check JWT if token is not expired
to check JWT signature

Processing access token

access_token and refresh_token issued by Aidbox are just opaque strings. So Aidbox does not process them.

PreviousUser, Session, Client resources NextStoring authorization details

Last updated 1 year ago