JWT Analyzer / Inspector in Hasura Console

With the v1.0.0-beta.3 release, a JWT analyzer is now part of the Hasura console. Up until now, JWTs had to be decoded using an external tool like https://jwt.io, etc.

Let's see how we can use this feature! This example uses Firebase JWT sample app (https://github.com/hasura/graphql-engine/tree/master/community/sample-apps/firebase-jwt) to generate a token. You can use any other JWT provider and configure Hasura with the JWT secret using the --jwt-secret flag or HASURA_GRAPHQL_JWT_SECRET environment variable.

After logging in and getting a valid JWT token, we add it to the Authorization request header in the console's Graphiql page:

Valid JWT token in request header

If we click on the rectangular icon on the right, the JWT analyzer opens and we get information on the token validity, Hasura claims, headers and the full payload. Here a snapshot:

Decoded JWT in JWT analyzer

You can find more information about this change in the changelog. Do try this out and let us know what you think about it!


Hasura is an open-source engine that gives you realtime GraphQL APIs on new or existing Postgres databases, with built-in support for stitching custom GraphQL APIs and triggering webhooks on database changes.


PS: We’re hiring!