Monday token decode

I am integrating monday.com with aws apigateway with a python lambda authorizer. My problem is my python code seems to be enable to decode the jwt token coming from monday.com using the signing key. I’ve tried many libraries but it’s all the same thing the signature verification always fails.

1 Like

@raki beware there are two ways to verify Monday jwt tokens:

  • Using Client Secret
  • Using Signing Secret

Depending on the type of the Token you’re trying to validate!

2 Likes

Thanks @Adnene . I finally solved it and decoding with the signing key. The problem was mostly related to my version of python in which the cryptography packages seemed depreciated. And this is the way I verified the signature using pyJWT python3.12 library:

decoded_data = jwt.decode(jwt='token from monday.com Authorization header payload',
                              key='YOUR_SIGNING_SECRET',
                              algorithms=["HS256"],
                              options={"verify_exp": False,"verify_aud":False})
1 Like