# Verify JWT Token using API (serverless)

If you don't have a backend server, for example, if you're using Webflow, we have provided an API endpoint to validate the access token from Cotter.

## Verify JWT Token from Cotter

<mark style="color:green;">`POST`</mark> `https://worker.cotter.app/verify`

If you don't have a server to verify Cotter's JWT token, you can do so by calling this API.

#### Headers

| Name         | Type   | Description                                                                                                                   |
| ------------ | ------ | ----------------------------------------------------------------------------------------------------------------------------- |
| API\_KEY\_ID | string | Your "API\_KEY\_ID". It's recommended to include your API KEY ID so it validates that the token is made for **your project.** |
| Content-Type | string | `application/json`                                                                                                            |

#### Request Body

| Name         | Type   | Description                                                                                                                                                            |
| ------------ | ------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| oauth\_token | object | The \`oauth\_token\` object that is returned by Cotter's Response. It should have an attribute called \`access\_token\` with the access token that you want to verify. |

{% tabs %}
{% tab title="200 Check if the token is valid based on the success value." %}

```javascript
// For valid tokens: 
{
    "success":true 
}

// If there's a problem:
{
    "success":false,
    "reason":"Error: Invalid JWT token"
}
```

{% endtab %}
{% endtabs %}

**Example HTTP Request:**

```
POST https://worker.cotter.app/verify
Content-Type: application/json
API_KEY_ID: <YOUR API KEY ID>

{
    "oauth_token": {
        "access_token": "eyJhbGciOiJFUzI1Ni...",
        "id_token": "eyJhbGciOiJFUzI1NiIsIm...",
        "refresh_token": "55185:BjD1Hh8ea...",
        "expires_in": 3600,
        "token_type": "Bearer",
        "auth_method": "OTP"
    }
}
```

#### Example with Javascript:

```markup
<!--Get Cotter JS SDK-->
<script
    src="https://unpkg.com/cotter@0.3.16/dist/cotter.min.js"
    type="text/javascript"
></script>

<script>
  async function checkAccessToken() {
    // 1. Get the logged-in user's access token
    let cotter = new Cotter("API_KEY_ID"); // 👈 Specify your API KEY ID here
    let token = await cotter.tokenHandler.getAccessToken();
    var accessToken = token?.token;

    // 2. Construct the body
    let body = {
      oauth_token: {
        access_token: accessToken
      }
    };

    // 3. If user is logged in then we fetch the user data
    let url = "https://worker.cotter.app/verify";
    fetch(url, {
      method: "POST",
      cache: "no-cache",
      headers: {
        "Content-Type": "application/json",
        API_KEY_ID: "API_KEY_ID"   // 👈 Specify your API KEY ID here
      },
      mode: "cors",
      body: JSON.stringify(body)
    })
      .then((resp) => resp.json())
      .then((data) => {
        if (!data.success) {
          window.location.href = "/login"; // Redirect to your login page
        } else {
          console.log("Token is valid!");
        }
      });
  }
</script>
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.cotter.app/api-reference/oauth-tokens-api/verify-jwt-token-using-api-serverless.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.