# `Oidcc.Plug.ValidateJwtToken` [🔗](https://github.com/erlef/oidcc_plug/blob/989b809174070ef71c9dc545de149854f86d8f7c /lib/oidcc/plug/validate_jwt_token.ex#L1) Validate extracted authorization token by validating it as a JWT token. This module should be used together with `Oidcc.Plug.ExtractAuthorization`. ```elixir defmodule SampleAppWeb.Endpoint do use Phoenix.Endpoint, otp_app: :sample_app # ... plug Oidcc.Plug.ExtractAuthorization plug Oidcc.Plug.ValidateJwtToken, provider: SampleApp.GoogleOpenIdConfigurationProvider, client_id: Application.compile_env!(:sample_app, [Oidcc.Plug.ValidateJwtToken, :client_id]), client_secret: Application.compile_env!(:sample_app, [Oidcc.Plug.ValidateJwtToken, :client_secret]), # optional validation options to pass to Oidcc.Token.validate_id_token/3 validate_opts: %{validate_azp: :any} plug SampleAppWeb.Router end ``` # `opts` *since 0.1.0* ```elixir @type opts() :: [ provider: GenServer.name(), client_id: String.t() | (-> String.t()), client_secret: String.t() | (-> String.t()), send_inactive_token_response: (conn :: Plug.Conn.t() -> Plug.Conn.t()), validate_opts: Oidcc.Token.retrieve_opts() ] ``` Plug Configuration Options ## Options * `provider` - name of the `Oidcc.ProviderConfiguration.Worker` * `client_id` - OAuth Client ID to use for the token validation * `client_secret` - OAuth Client Secret to use for the token validation * `send_inactive_token_response` - Customize Error Response for inactive token * `client_store` - A module name that implements the `Oidcc.Plug.ClientStore` behaviour to fetch the client context from a store instead of using the `provider`, `client_id` and `client_secret` directly. This is useful for storing the client context in a database or other persistent storage. * `validate_opts` - A map of options to pass to `Oidcc.Token.validate_id_token/3`. --- *Consult [api-reference.md](api-reference.md) for complete listing*