Common Errors & Troubleshooting
Common JWT Errors
Token Expired
JWT has exceeded its expiration time
TokenExpiredError: jwt expired
Common Causes:
- Token's "exp" claim has passed
- Server and client time synchronization issues
- Token expiration time too short
Invalid Signature
Token signature verification failed
JsonWebTokenError: invalid signature
Common Causes:
- Incorrect secret key used for verification
- Token has been tampered with
- Wrong signing algorithm used
Malformed Token
Token structure or format is invalid
JsonWebTokenError: jwt malformed
Common Causes:
- Missing parts of the token (header, payload, or signature)
- Incorrect Base64URL encoding
- Token string manipulation or corruption
Invalid Claims
Token claims validation failed
JsonWebTokenError: invalid token
Common Causes:
- Missing required claims
- Invalid issuer (iss) or audience (aud)
- Token not yet active (nbf claim)
Troubleshooting Steps
Signature Verification Troubleshooting
1. Check Secret Key
Ensure the secret key used for verification matches the one used for signing. Check for whitespace or encoding issues in the key.
2. Verify Algorithm
Confirm the algorithm specified in the token header matches the one used for verification.
3. Check Token Integrity
Inspect the token for any modifications or truncation during transmission.
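The three steps above can be run as one ordered check. The following is an added example, not code from this page or from any JWT library. It uses only Node's built-in crypto module and assumes HS256 with a string key. The names diagnose and signHS256 and the sample secret are constructed for illustration.

```javascript
const crypto = require('crypto');

const b64url = (v) => Buffer.from(v).toString('base64url');
const hmac = (key, data) => crypto.createHmac('sha256', key).update(data).digest();

// Builds an HS256 token; used here only to produce the constructed samples.
function signHS256(payload, secret) {
  const input = [{ alg: 'HS256', typ: 'JWT' }, payload].map((o) => b64url(JSON.stringify(o))).join('.');
  return `${input}.${b64url(hmac(secret, input))}`;
}

// Returns the first failing check: structure, algorithm, signature, then time claims.
function diagnose(token, secret, { now = Math.floor(Date.now() / 1000), clockTolerance = 0 } = {}) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return 'malformed: expected 3 parts';
  // Buffer decoding is lenient, so reject non-Base64URL characters explicitly.
  if (!parts.every((p) => /^[A-Za-z0-9_-]+$/.test(p))) return 'malformed: not Base64URL';
  let header, payload;
  try {
    [header, payload] = parts.slice(0, 2).map((p) => JSON.parse(Buffer.from(p, 'base64url').toString('utf8')));
  } catch (e) {
    return 'malformed: header or payload is not JSON';
  }
  // The verifier pins the algorithm; the header value is only compared against it.
  if (header?.alg !== 'HS256') return `algorithm mismatch: header says ${header?.alg}`;
  const input = `${parts[0]}.${parts[1]}`;
  const given = Buffer.from(parts[2], 'base64url');
  const matches = (key) => {
    const want = hmac(key, input);
    return given.length === want.length && crypto.timingSafeEqual(given, want);
  };
  if (!matches(secret)) {
    // Hint only: the same key without surrounding whitespace would have verified.
    const trimmed = String(secret).trim();
    if (trimmed !== secret && trimmed && matches(trimmed)) return 'invalid signature: key has surrounding whitespace';
    return 'invalid signature';
  }
  if (typeof payload?.nbf === 'number' && payload.nbf > now + clockTolerance) return 'not active yet (nbf)';
  if (typeof payload?.exp === 'number' && now >= payload.exp + clockTolerance) return 'expired (exp)';
  return 'ok';
}

// Constructed sample values, not real credentials.
const SECRET = 'demo-secret-not-real';
const NOW = 1700000000;
const good = signHS256({ sub: 'user-1', exp: NOW + 60 }, SECRET);
console.log(diagnose(good, SECRET, { now: NOW }));
console.log(diagnose(good, SECRET + '\n', { now: NOW }));
```

The clockTolerance option covers the server and client time synchronization cause listed under Token Expired: a small tolerance in seconds absorbs clock skew without lengthening token lifetime.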
Always implement proper error handling and logging in your application to help diagnose JWT-related issues quickly.