

How can I decode a JWT token in Logic Apps


Decoding a JWT token in Azure Logic Apps can be achieved without external code in Node.js or C#. Here's a step-by-step approach:

1. Extract the JWT Token: First, you need to extract the JWT token from the incoming request. This is typically found in the `Authorization` header of the request.

2. Split the JWT Token: JWT tokens are composed of three parts separated by dots: header, payload, and signature. You need to split the token by these dots to isolate the payload, which contains the user details.

3. Decode the Payload: The payload is Base64Url encoded. You can use the `base64ToString` function in Logic Apps to decode it. However, you need to ensure that the Base64 string is properly padded with "=" to make its length a multiple of 4.

4. Parse JSON: Once decoded, the payload will be a JSON string. Use the `json` function in Logic Apps to parse this string into a JSON object that you can work with.

Here's a simplified example of how this might look in Logic Apps:

- Split the JWT Token: Use an expression like `split(triggerBody()?['Authorization'],'.')` to split the token; the payload is the second element of the resulting array (index 1).
- Decode the Payload: Append "=" characters until the payload's length is a multiple of 4, and then use `base64ToString` to decode it.
- Parse JSON: Use the `json` function to parse the decoded payload.
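The three steps above as a workflow `actions` fragment. This is an added example, not taken from the cited posts: the action names are hypothetical, the token source is the page's own `triggerBody()?['Authorization']` expression, and the `-`/`_` replacement goes beyond the steps listed here (Base64Url uses those two characters where standard Base64 uses `+` and `/`). The resulting claims are unverified, since no signature check takes place.

```json
{
  "actions": {
    "Payload_segment": {
      "type": "Compose",
      "description": "Hypothetical action name. Takes element [1] (the payload) and maps the Base64Url alphabet to standard Base64.",
      "inputs": "@replace(replace(split(triggerBody()?['Authorization'], '.')[1], '-', '+'), '_', '/')",
      "runAfter": {}
    },
    "Padded_payload": {
      "type": "Compose",
      "description": "Hypothetical action name. Length mod 4 of 2 needs '==', 3 needs '=', 0 needs nothing; 1 is not valid Base64 and is left to fail in the decode step.",
      "inputs": "@if(equals(mod(length(outputs('Payload_segment')), 4), 2), concat(outputs('Payload_segment'), '=='), if(equals(mod(length(outputs('Payload_segment')), 4), 3), concat(outputs('Payload_segment'), '='), outputs('Payload_segment')))",
      "runAfter": {
        "Payload_segment": [ "Succeeded" ]
      }
    },
    "Claims": {
      "type": "Compose",
      "description": "Hypothetical action name. Decodes and parses the payload; the claims are unverified because the signature is never checked.",
      "inputs": "@json(base64ToString(outputs('Padded_payload')))",
      "runAfter": {
        "Padded_payload": [ "Succeeded" ]
      }
    }
  }
}
```

A single claim can then be read with an expression such as `outputs('Claims')?['sub']`.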

For a more reusable approach, consider creating a child Logic App specifically for parsing JWT tokens, as described in [3]. This allows you to easily integrate JWT parsing into multiple Logic Apps.

If you need to validate the token (check its signature), you would typically use an external service or library, as Logic Apps does not natively support JWT validation. However, for simply extracting claims without validation, the above steps suffice.

Citations:
[1] https://stackoverflow.com/questions/54257879/how-to-decode-a-jwt-token-in-azure-logic-app
[2] https://www.criipto.com/blog/jwt-validation-guide
[3] https://autosysops.com/blog/parse-jwt-tokens-in-azure-logic-apps
[4] https://hasura.io/blog/best-practices-of-using-jwt-with-graphql
[5] https://techcommunity.microsoft.com/blog/azuredevcommunityblog/part-4-secure-your-logic-app-using-api-management-8211-validate-jwt-access-restr/336802
[6] https://auth0.com/blog/how-to-validate-jwt-dotnet/
[7] https://github.com/auth0/jwt-decode
[8] https://supertokens.com/blog/revoking-access-with-a-jwt-blacklist
[9] https://fusionauth.io/dev-tools/jwt-decoder
[10] https://rakhesh.com/azure/parsing-json-tokens-in-a-logic-app/
[11] https://www.reddit.com/r/AZURE/comments/u4alct/blog_parse_jwt_token_with_azure_logic_apps/