🏠 Overview 🧩 Components 🧩 JWT Infrastructure

JWT Infrastructure

Component Detail

Infrastructure low complexity Shared Component backend
0
Dependencies
0
Dependents
3
Entities
0
Integrations

Description

Shared backend infrastructure for signing, verifying, and managing platform JWTs. Used by both BankID/Vipps authentication and Email & Password Login to issue consistent, tamper-evident session tokens with configurable expiry and audience claims.

Feature: BankID & Vipps Authentication

jwt-infrastructure

Responsibilities

  • Sign platform JWTs with server private key
  • Verify and decode incoming JWTs on protected routes
  • Enforce token expiry, audience, and issuer claims
  • Support token refresh flows

Interfaces

signToken(payload, expiresIn)
verifyToken(token)
decodeToken(token)
refreshToken(token)
buildPayload(userId, organizationId, roles)

Related Data Entities (3)

Data entities managed by this component

Auth Token 15 fields core Organization 14 fields core Session 15 fields core