JWT Analyzer / Inspector in Hasura Console

Subscribe to the Hasura Newsletter

With the v1.0.0-beta.3 release, a JWT analyzer is now part of the Hasura console. Up until now, JWTs had to be decoded using an external tool like https://jwt.io, etc.

Let's see how we can use this feature! This example uses Firebase JWT sample app (https://github.com/hasura/graphql-engine/tree/master/community/sample-apps/firebase-jwt) to generate a token. You can use any other JWT provider and configure Hasura with the JWT secret using the --jwt-secret flag or HASURA_GRAPHQL_JWT_SECRET environment variable.

After logging in and getting a valid JWT token, we add it to the Authorization request header in the console's Graphiql page:

Valid JWT token in request header

If we click on the rectangular icon on the right, the JWT analyzer opens and we get information on the token validity, Hasura claims, headers and the full payload. Here a snapshot:

Decoded JWT in JWT analyzer

You can find more information about this change in the changelog. Do try this out and let us know what you think about it!

search icon

About Hasura

Hasura allows you to mobilize & federate your organisation’s data by building a powerful, secure & flexible GraphQL API, that can query data in your databases, HTTP services, serverless functions as well as third party APIs.
Like what you read? Join our team! We’re hiring

Subscribe to the Hasura Newsletter