Get raw access token (which is a JWT object)
decode_jwt(token, ...)# S3 method for AzureToken
decode_jwt(token, type = c("access", "id"), ...)
# S3 method for Token
decode_jwt(token, type = c("access", "id"), ...)
# S3 method for character
decode_jwt(token, ...)
extract_jwt(token, ...)
# S3 method for AzureToken
extract_jwt(token, type = c("access", "id"), ...)
# S3 method for Token
extract_jwt(token, type = c("access", "id"), ...)
# S3 method for character
extract_jwt(token, ...)
A token object. This can be an object of class AzureToken, of class httr::Token, or a character string containing the encoded token.
Other arguments passed to methods.
For the AzureToken and httr::Token methods, the token to decode/retrieve: either the access token or ID token.
For extract_jwt, the character string containing the encoded token, suitable for including in a HTTP query. For decode_jwt, a list containing up to 3 components: header, payload and signature.
An OAuth token is a JSON Web Token, which is a set of base64URL-encoded JSON objects containing the token credentials along with an optional (opaque) verification signature. decode_jwt decodes the credentials into an R object so they can be viewed. extract_jwt extracts the credentials from an R object of class AzureToken or httr::Token.
Note that decode_jwt does not touch the token signature or attempt to verify the credentials. You should not rely on the decoded information without verifying it independently. Passing the token itself to Azure is safe, as Azure will carry out its own verification procedure.
jwt.io, the main JWT informational site
jwt.ms, Microsoft site to decode and explain JWTs