Jwt-auth: jwt.io says that token got 'Invalid Signature'

Created on 8 Oct 2015 · 8Comments · Source: tymondesigns/jwt-auth

I'm using Postman to test out this package.
Everything is working correctly, except for this bug on the jwt.io debugger.

I'm using JWTAuth::attempt($credentials) to issue the token.
Dumping credentials return this array : [ "email" => "[email protected]", "password" => "secret"].

The token works fine, only the signature is invalid.

I'm using the latest versions :
tymon/jwt-auth v5.5, laravel/framework v5.1.19

Source

Hebilicious

Most helpful comment

Are you pasting your secret key into the form? The field isn't very obvious on jwt.io, but in the blue "verify signature" section on the right there's a small box that says "secret".

tdhsmith on 9 Oct 2015

👍62 ❤14 🚀6 😄6 👀4 🎉3

All 8 comments

Are you pasting your secret key into the form? The field isn't very obvious on jwt.io, but in the blue "verify signature" section on the right there's a small box that says "secret".

tdhsmith on 9 Oct 2015

👍62 ❤14 🚀6 😄6 👀4 🎉3

I didn't notice that field, my bad.
The key is the one generated by the artisan command : jwt:generate.
Thanks @tdhsmith, I'm closing the issue :)

Hebilicious on 9 Oct 2015

Yeah I miss it pretty much every time, haha.

tdhsmith on 9 Oct 2015

@tdhsmith Thank you very much, I did not know that field was used, now everything makes sense. xD

INGCRENGIFO on 9 May 2017

Just to add a little context, there goes your secret key:

ghost on 2 Oct 2017

👍12 🎉2

tes

katongilang on 8 Apr 2020

When you enter a secret key into the form, it will change your JWT to match that key. You should re-paste the JWT to make sure the signature is valid.