This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 97%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWT%3C/text%3E%3C/svg%3E)
Hello,
How can I verify the signature of the token in php laravel.
@Wiaam TALEB ,
Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 20%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hi @Wiaam TALEB ,
Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
Thanks,
Shweta
Hi @ 01525690,
Thanks for reaching out.
Access tokens are signed using RS256 which would mean that the JWT is signed with Azure AD private key and would be validated by Azure AD public key.
Once you will get the access token using token endpoint, token need to verify to validate the authenticity of the JWT token’s data is by using Azure AD’s public key to verify the signature. You can obtain public key by calling the public Azure AD OpenID configuration endpoint https://login.microsoftonline.com/{tenant-id}/v2.0/.well-known/openid-configuration and verify against the private key(kid) generated by Azure AD token.
I am not sure about how to implement in PHP but found a stack overflow thread to verify JWT using PHP.
Hope this will help.
Thanks,
Shweta
---------------------------------------
Please remember to "Accept Answer" if answer helped you.