Json Web Token verify() return jwt malformed

node.js express jwt postman

You cannot pass any value as token. You need jwt.sign() to create a token. Look at the documentation of JWT for more information.

Also,

For the request Header name just use Authorization not x-access-token. Place Bearer before the Token.

Authorization: Bearer TOKEN_STRING

Each part of the JWT is a base64url encoded value. You can get your token as:

var token = req.headers.authorization.split(' ')[1];

node.js express jwt postman

Note :

JWT will return jwt malformed If Token is null/Invalid-Signature that is being passed to jwt.verifty function

let token = null;
let payload = jwt.verify(token, 'secretKey'); //ERROR : jwt malformed

node.js express jwt postman

From what I see, you are not sending the actual JWT token but the secret instead. A valid JWT token consist of a three-part string delimited by dots, like so:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

https://jwt.io/

As you can see on the above website, 'superSuperSecret' is not a valid JWT token.

CodeHunter

Json Web Token verify() return jwt malformed

Recent Posts

How can I color dots in a xy scatterplot according to column value?

How to update a claim in ASP.NET Identity?

What does {0} mean when initializing an object?

Accessing members of items in a JSONArray with Java

How to log SQL statements in Spring Boot?

Powershell Get-WebSite name parameter is ignored

How to detect scroll to bottom of html element

Java synchronized method

How to test controllers with CodeIgniter?

Detect Visual Composer

Matplotlib: Specify format of floats for tick labels

Rails join a list of strings with commas and "and" before the last