Record: ValidatorConfig

Represents JWT validator configurations.


  • issuer string?
  • Expected issuer, which is mapped to the iss

  • username string?
  • Expected username, which is mapped to the sub

  • audience string | string[ ]?
  • Expected audience, which is mapped to the aud

  • jwtId string?
  • Expected JWT ID, which is mapped to the jti

  • keyId string?
  • Expected JWT key ID, which is mapped the kid

  • customClaims map<json>?
  • Expected map of custom claims

  • clockSkew decimal(default 0)
  • Clock skew (in seconds) that can be used to avoid token validation failures due to clock synchronization problems

  • signatureConfig ValidatorSignatureConfig?
  • JWT signature configurations

  • cacheConfig CacheConfig?
  • Configurations related to the cache, which are used to store parsed JWT information