Building a standalone React dashboard that pulls Genesys Cloud data directly from the client. Using the implicit grant flow to get the access token. The token comes back fine, but I need to validate the exp and iss claims locally before making API calls to avoid 401s.
Tried using jwt-decode to inspect the payload, but it doesn’t verify the signature. Just looking for a lightweight way to check if the token is still valid and issued by Genesys without hitting a backend service.
Current setup:
- React 18
- axios for API calls
- Implicit grant via Genesys Cloud login page
- Token stored in memory (not localStorage)
Snippet of what I’m checking:
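```javascript
import { jwtDecode } from 'jwt-decode';

const validateToken = (token) => {
  try {
    // jwtDecode only decodes the payload; it does not verify the signature
    const decoded = jwtDecode(token);
    // exp is in seconds since the epoch, Date.now() is in milliseconds
    const now = Math.floor(Date.now() / 1000);
    if (decoded.exp < now) return false;
    if (decoded.iss !== 'https://api.mypurecloud.com') return false;
    return true;
  } catch (e) {
    // malformed token: treat as invalid
    return false;
  }
};
```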
Is this enough, or do I need to fetch the public keys from the JWKS endpoint to verify the signature? The docs are vague on client-side validation requirements.
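
A stricter decode-only pre-check, as an added example that is not part of the original post: it rejects a token whose `exp` is missing (in the snippet above, `undefined < now` is `false`, so such a token passes) and treats the token as expired a little early so a request does not race the expiry. It assumes the token is a three-part JWT as the post describes; `checkClaims`, `skewSeconds` and the sample tokens are hypothetical names and constructed values, and the issuer string is the one from the post.

```javascript
// Added example: decode-only claim pre-check. It does NOT verify the signature,
// so it is a freshness check before calling the API, not proof of authenticity.
const b64urlToJson = (segment) => {
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4);
  const bytes = Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
};

// Returns { ok, reason }. issuer, now and skewSeconds are parameters of this sketch.
const checkClaims = (token, { issuer, now = Math.floor(Date.now() / 1000), skewSeconds = 30 }) => {
  if (typeof token !== 'string') return { ok: false, reason: 'not-a-string' };
  const parts = token.split('.');
  if (parts.length !== 3) return { ok: false, reason: 'not-a-jwt' };
  let claims;
  try {
    claims = b64urlToJson(parts[1]);
  } catch (e) {
    return { ok: false, reason: 'undecodable-payload' };
  }
  if (claims === null || typeof claims !== 'object') return { ok: false, reason: 'undecodable-payload' };
  // `undefined < now` is false, so a missing exp has to be rejected explicitly.
  if (!Number.isFinite(claims.exp)) return { ok: false, reason: 'missing-exp' };
  // Expire skewSeconds early: clock drift or latency should not turn into a 401.
  if (claims.exp <= now + skewSeconds) return { ok: false, reason: 'expired' };
  if (typeof claims.iss !== 'string' || claims.iss !== issuer) return { ok: false, reason: 'wrong-issuer' };
  return { ok: true, reason: 'claims-look-current' };
};

// Constructed sample tokens with a placeholder signature, for demonstration only.
const enc = (obj) => btoa(JSON.stringify(obj)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const makeToken = (claims) => `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(claims)}.c2lnbmF0dXJl`;

const ISSUER = 'https://api.mypurecloud.com'; // value taken from the post
const NOW = 1700000000; // fixed clock so the results are reproducible
const samples = {
  current: makeToken({ iss: ISSUER, exp: NOW + 3600 }),
  expired: makeToken({ iss: ISSUER, exp: NOW - 3600 }),
  noExp: makeToken({ iss: ISSUER }),
  otherIssuer: makeToken({ iss: 'https://issuer.example', exp: NOW + 3600 }),
};
const results = Object.fromEntries(
  Object.entries(samples).map(([name, t]) => [name, checkClaims(t, { issuer: ISSUER, now: NOW }).reason])
);
console.log(results);
```

The `current` sample passes even though its signature is a placeholder, which is why a check like this can only decide when to re-authenticate; the API that receives the token remains the party that decides whether it is genuine.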