Verify JWT Token using API (serverless)
If you don't have a backend server, for example, if you're using Webflow, we have provided an API endpoint to validate the access token from Cotter.
post
https://worker.cotter.app
/verify
Verify JWT Token from Cotter
Example HTTP Request:
1
POST https://worker.cotter.app/verify
2
Content-Type: application/json
3
API_KEY_ID: <YOUR API KEY ID>
4
​
5
{
6
"oauth_token": {
7
"access_token": "eyJhbGciOiJFUzI1Ni...",
8
"id_token": "eyJhbGciOiJFUzI1NiIsIm...",
9
"refresh_token": "55185:BjD1Hh8ea...",
10
"expires_in": 3600,
11
"token_type": "Bearer",
12
"auth_method": "OTP"
13
}
14
}
Copied!

Example with Javascript:

1
<!--Get Cotter JS SDK-->
2
<script
3
src="https://unpkg.com/[email protected]/dist/cotter.min.js"
4
type="text/javascript"
5
></script>
6
​
7
<script>
8
async function checkAccessToken() {
9
// 1. Get the logged-in user's access token
10
let cotter = new Cotter("API_KEY_ID"); // πŸ‘ˆ Specify your API KEY ID here
11
let token = await cotter.tokenHandler.getAccessToken();
12
var accessToken = token?.token;
13
​
14
// 2. Construct the body
15
let body = {
16
oauth_token: {
17
access_token: accessToken
18
}
19
};
20
​
21
// 3. If user is logged in then we fetch the user data
22
let url = "https://worker.cotter.app/verify";
23
fetch(url, {
24
method: "POST",
25
cache: "no-cache",
26
headers: {
27
"Content-Type": "application/json",
28
API_KEY_ID: "API_KEY_ID" // πŸ‘ˆ Specify your API KEY ID here
29
},
30
mode: "cors",
31
body: JSON.stringify(body)
32
})
33
.then((resp) => resp.json())
34
.then((data) => {
35
if (!data.success) {
36
window.location.href = "/login"; // Redirect to your login page
37
} else {
38
console.log("Token is valid!");
39
}
40
});
41
}
42
</script>
Copied!
Last modified 1yr ago