Summary
Add client-side JWT verification with asymmetric signature checking (RS256/ES256) and JWKS caching for offline token validation.
Missing Functionality
{:ok, claims} = Supabase.Auth.get_claims(client, jwt)
# Verifies signature, expiration, issuer, audienceReference
- JS implementation:
auth-js/src/GoTrueClient.ts:getClaims
- Fetches JWKS from
/.well-known/jwks.json with 10-min cache
Benefits
- No server round-trip for validation
- Lower latency
- Offline support
- Security auditing
Priority
MEDIUM - Useful for advanced use cases
Suggested Libraries
Summary
Add client-side JWT verification with asymmetric signature checking (RS256/ES256) and JWKS caching for offline token validation.
Missing Functionality
Reference
auth-js/src/GoTrueClient.ts:getClaims/.well-known/jwks.jsonwith 10-min cacheBenefits
Priority
MEDIUM - Useful for advanced use cases
Suggested Libraries
joken,jose, orJOSE