I’m building a React dashboard for queue analytics. We’re using the implicit grant flow to let agents log in without a backend proxy. The redirect comes back with the token in the hash, which I parse manually. Now I need to validate the JWT before hitting the /api/v2/analytics endpoints.
I’m using jwt-decode to check the expiry, but I want to verify the signature too. I tried using the public JWKS endpoint https://login.genesiscloud.com/.well-known/jwks.json, but I’m not sure how to map the kid from the token header to the right key in the JSON response. My validation logic keeps failing or timing out.
Here’s the snippet I’m using to fetch the keys:
const getPublicKey = async (kid) => {
const res = await fetch('https://login.genesiscloud.com/.well-known/jwks.json');
const jwks = await res.json();
const key = jwks.keys.find(k => k.kid === kid);
return key;
};
The key object has n and e, but I don’t know how to convert that into something jose or jsonwebtoken can use for verification in the browser. Am I missing a step in converting the RSA components? It feels like I’m overcomplicating this for a simple validation check.