Go Jwt Middleware

A Middleware for Go Programming Language to check for JWTs on HTTP requests
Alternatives To Go Jwt Middleware
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Go Jwt Middleware9191882154 days ago31March 21, 20222mitGo
A Middleware for Go Programming Language to check for JWTs on HTTP requests
Request Baskets179
6 months ago7September 19, 20227mitGo
HTTP requests collector to test webhooks, notifications, REST clients and more ...
Ng Rails Csrf142
8 years ago2mitRuby
a day ago22otherR
Infrastructure for calling Google APIs from R, including auth
Spring Security Csrf Token Interceptor49
15 years ago4July 05, 20144otherJavaScript
An AngularJS interceptor that sets the Spring Security CSRF token information in all HTTP requests if it's able to find it in a response header on application startup.
5 months ago1February 24, 20151apache-2.0Go
Command line utility to make HTTP request with OAuth2
10 months ago1apache-2.0Go
Go library for generating JWT Tokens, authorizing HTTP requests, etc.
Travis Ruby Client21
23 years ago2April 04, 20171Ruby
Ruby client library for Travis CI API
a year ago6February 17, 20223mitSwift
HttpUtility is an open source MIT license project which is helpful in making HTTP requests and returns a decoded object from server. Right now this utility only parses JSON.
5 years agoRuby
Create your own unique and custom RSS Feed with the content from people you follow in Github. [Work in Progress]
Alternatives To Go Jwt Middleware
Select To Compare

Alternative Project Comparisons

GO JWT Middleware

GoDoc Go Report Card License Release Codecov Tests Stars Contributors

Golang middleware to check and validate JWTs in the request and add the valid token contents to the request context.

Table of Contents


go get github.com/auth0/go-jwt-middleware/v2

[table of contents]


package main

import (


var handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	claims, ok := r.Context().Value(jwtmiddleware.ContextKey{}).(*validator.ValidatedClaims)
	if !ok {
		http.Error(w, "failed to get validated claims", http.StatusInternalServerError)
	payload, err := json.Marshal(claims)
	if err != nil {
		http.Error(w, err.Error(), http.StatusInternalServerError)

	w.Header().Set("Content-Type", "application/json")

func main() {
	keyFunc := func(ctx context.Context) (interface{}, error) {
		// Our token must be signed using this data.
		return []byte("secret"), nil

	// Set up the validator.
	jwtValidator, err := validator.New(
	if err != nil {
		log.Fatalf("failed to set up the validator: %v", err)

	// Set up the middleware.
	middleware := jwtmiddleware.New(jwtValidator.ValidateToken)

	http.ListenAndServe("", middleware.CheckJWT(handler))

After running that code (go run main.go) you can then curl the http server from another terminal:

$ curl -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJpc3MiOiJnby1qd3QtbWlkZGxld2FyZS1leGFtcGxlIiwiYXVkIjoiZ28tand0LW1pZGRsZXdhcmUtZXhhbXBsZSJ9.xcnkyPYu_b3qm2yeYuEgr5R5M5t4pN9s04U1ya53-KM" localhost:3000

That should give you the following response:

  "CustomClaims": null,
  "RegisteredClaims": {
    "iss": "go-jwt-middleware-example",
    "aud": "go-jwt-middleware-example",
    "sub": "1234567890",
    "iat": 1516239022

The JWT included in the Authorization header above is signed with secret.

To test how the response would look like with an invalid token:

$ curl -v -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.yiDw9IDNCa1WXCoDfPR_g356vSsHBEerqh9IvnD49QE" localhost:3000

That should give you the following response:

< HTTP/1.1 401 Unauthorized
< Content-Type: application/json
{"message":"JWT is invalid."}

For more examples please check the examples folder.

[table of contents]

Migration Guide

If you are moving from v1 to v2 please check our migration guide.

[table of contents]

Issue Reporting

If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

[table of contents]



[table of contents]


This project is licensed under the MIT license. See the LICENSE file for more info.

[table of contents]

Popular Http Requests Projects
Popular Token Projects
Popular Networking Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Programming Language
Http Requests