JWT Analyzer / Inspector in Hasura Console

Subscribe to the Hasura Newsletter

With the v1.0.0-beta.3 release, a JWT analyzer is now part of the Hasura console. Up until now, JWTs had to be decoded using an external tool like https://jwt.io, etc.

Let's see how we can use this feature! This example uses Firebase JWT sample app (https://github.com/hasura/graphql-engine/tree/master/community/sample-apps/firebase-jwt) to generate a token. You can use any other JWT provider and configure Hasura with the JWT secret using the --jwt-secret flag or HASURA_GRAPHQL_JWT_SECRET environment variable.

After logging in and getting a valid JWT token, we add it to the Authorization request header in the console's Graphiql page:

Valid JWT token in request header

If we click on the rectangular icon on the right, the JWT analyzer opens and we get information on the token validity, Hasura claims, headers and the full payload. Here a snapshot:

Decoded JWT in JWT analyzer

You can find more information about this change in the changelog. Do try this out and let us know what you think about it!


Hasura makes your data instantly accessible over a real-time GraphQL API, so you can build and ship modern apps and APIs faster. Hasura connects to your databases, REST servers, GraphQL servers and third party APIs (eg: Stripe) to provide a unified realtime GraphQL API across all your data sources instantly.


Subscribe to the Hasura Newsletter

PS: We’re hiring!