Verifying Memberstack JWT token Answered

Post author
Julien Brodier

Hello,

I would need to verify the Memberstack JWT token like described here (I want to use the token to authenticate the requests sent by the user on one of our APIs). However, the public key ID returned by https://api.memberstack.io/metadata/v1/public-keys (d763*******************************) does not match the key ID provided in the JWT (6f657**********************************************************).

 

Where can I find the public key used to sign the Memberstack JWT ?

Best regards.

Comments

6 comments

  • Comment author
    Duncan from Memberstack

    Hey Julien 👋 Our team is away for the holidays, but I'm going to pass this along to the eng team as soon as they are back. You can expect a reply by the end of next week. 

    0
  • Comment author
    Duncan from Memberstack

    Julien Brodier  Thanks for the patience, I hope you had a great holiday!

    Can you confirm which version of Memberstack you are using? I assume 2.0, but the docs you linked are for 1.0.

    If it's 2.0, you can only verify JWTs on the back end. Our client packages or client REST APIs do not provide that functionality. 

    0
  • Comment author
    Julien Brodier

    Hello,

    Thanks for your reply, I hope you had a great holiday too!

    Yes, we are using version 2.0. For our use case, it is fine to verify the user JWT on the backend. I assume we have to use the admin API you linked to.

    However, in the Verification section, it says "Webhook & JWT verification methods cannot be performed via REST API at the moment", does this mean the only option is to use the JavaScript admin API (@memberstack/admin)? We have a Java backend, so it would be easier for us to be able to call a REST API, but if there is no other way, we can add a JavaScript component to call your API.

    Best regards.

    0
  • Comment author
    Duncan from Memberstack

    I'm going to follow up with another member of team tomorrow 👍 I'll do my best to get you an answer ASAP.

    0
  • Comment author
    Duncan from Memberstack

    Hey Julien, checking with the team again today. Apologies for the delay.

    0
  • Comment author
    Nicolas Scott

    Here's our public key URL for v2!
    http://member-jwt.s3-website-us-east-1.amazonaws.com

    0

Please sign in to leave a comment.