Concepts & SDK DocsXumm Developer Console

Developer Questions

Ask a Question
Back to All

JWT signing algorithm

12 months ago by UNIXPUNKS TEST

Hi.

I'm trying to implement OAuth2 flow in my project and verify jwt on my API.

In documentation said that JWT is signed using HS256 https://docs.xumm.dev/environments/xapps-dapps/your-own-backend-auth but when I debug jwt using jwt.io it says that algorithm is RS256

{
"alg": "RS256",
"typ": "JWT"
}

Is it intentionally or it is a bug?

How can I verify this JWT on my backend? Because documentation says that I can verify it using XUMM Api Secret but RS256 is actually asymmetric algorithm.

Thanks