I am integrating monday.com with aws apigateway with a python lambda authorizer. My problem is my python code seems to be enable to decode the jwt token coming from monday.com using the signing key. I’ve tried many libraries but it’s all the same thing the signature verification always fails.
Monday token decode
@raki beware there are two ways to verify Monday jwt tokens:
- Using Client Secret
- Using Signing Secret
Depending on the type of the Token you’re trying to validate!
Thanks @Adnene . I finally solved it and decoding with the signing key. The problem was mostly related to my version of python in which the cryptography packages seemed depreciated. And this is the way I verified the signature using pyJWT python3.12 library:
decoded_data = jwt.decode(jwt='token from monday.com Authorization header payload',
key='YOUR_SIGNING_SECRET',
algorithms=["HS256"],
options={"verify_exp": False,"verify_aud":False})
Login to monday.com
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.