Does anyone have a solution how I can decode a Bearer Token?
Bearer tokens are generally composed of a random string of characters, so they carry no meaning by themselves. So there's nothing to decode.
- Contributor
david_r wrote:
Bearer tokens are generally composed of a random string of characters, so they carry no meaning by themselves. So there's nothing to decode.
Thanks for your answer.
I want to explain my question a bit more. Hopefully, you can understand why I ask this.
We would like to send a bearer token in a request to FME Flow from our other services and would like to validate the content of that token.
cyclomedia wrote:
Thanks for your answer.
I want to explain my question a bit more. Hopefully, you can understand why I ask this.
We would like to send a bearer token in a request to FME Flow from our other services and would like to validate the content of that token.
Ideally you should also be the issuer of said bearer token, so you'd have a copy of it on your server. When the client sends its copy of the bearer token to the server, the server compares it to what's already in your database, check that the token hasn't expired etc. before deciding whether it's valid or not. At least that's the very simplified principle.
If your use case allows it, I'd strongly recommend using the FME Flow API token service rather than rolling your own, see https://docs.safe.com/fme/html/FME-Flow/WebUI/Manage-Token.htm
Reply
Helpful Members This Week
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.