Share via

Help me how to verify azure ad token in jwt.io

Saravana 20 Reputation points
2023-05-06T11:59:32.0666667+00:00

I am trying to verify azure ad token in jwt.io before implementing in my api

But it always showing signature verification failed.

I am doing every step properly but i dont know why the issue.

  • token is not modified
  • am using the right public key that matches with kid with the start and ending text attached with x5c string
Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Shweta Mathur 30,296 Reputation points Microsoft Employee Moderator
    2023-05-10T06:16:52.3133333+00:00

    Hi @Saravana ,

    Thanks for reaching out.

    If you have Azure AD access token for the Micrsoft Graph audience, then it is expected as these tokens are for Microsoft Graph and these token use special signing mechanisms which can validate signature using jwt.ms and not possible to validate signature using public validators i.e jwt.io.

    However, if you generate the token with scope api://ClientIDofApp/.default where token is intent to use for application, then you won't get invalid signature while decoding the token using jwt.io.

    It is recommended to use jwt.ms to validate the Azure AD access token.

    Hope this will help.

    Thanks,

    Shweta

    Please remember to "Accept Answer" if answer helped you.

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.