Configuration Options

You can change many options for how this extension works via:

    app.config['OPTION_NAME'] = new_option_value

JWT_HEADER_NAME
    Which request header to look for the JWT in. Defaults to 'Authorization'.

JWT_HEADER_TYPE
    What type of header the JWT is in. Defaults to 'Bearer'. This can be an empty string, in which case the header contains only the JWT (instead of something like Authorization: Bearer <JWT>).

JWT_EXPIRES
    How long a JWT created with create_jwt() should live before it expires. This takes a datetime.timedelta and defaults to 1 hour.

JWT_ALGORITHM
    Which algorithm to sign the JWT with. See here for the options. Defaults to 'HS256'.

JWT_SECRET_KEY
    The secret key needed for symmetric-based signing algorithms, such as HS*.

JWT_PUBLIC_KEY
    The public key needed for asymmetric-based signing algorithms, such as RS* or ES*. PEM format expected.

JWT_PRIVATE_KEY
    The private key needed for asymmetric-based signing algorithms, such as RS* or ES*. PEM format expected.

JWT_IDENTITY_CLAIM
    Which claim the get_jwt_identity() function will use to get the identity out of a JWT. Defaults to 'sub'.

JWT_DECODE_AUDIENCE
    The audience you expect in a JWT when decoding it. Defaults to None. If this option differs from the 'aud' claim in a JWT, the invalid_token_callback is invoked.
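
To make the decode-side effect of these options concrete, the following standard-library sketch applies them to a request for the HS256 case. It is an added example, not the extension's own code: CONFIG is a constructed stand-in for app.config, and make_token, token_from_headers and identity_from_request are hypothetical helper names.

```python
import base64, hashlib, hmac, json, time

# Constructed stand-in for app.config (sample values, not real secrets).
CONFIG = {"JWT_HEADER_NAME": "Authorization", "JWT_HEADER_TYPE": "Bearer",
          "JWT_ALGORITHM": "HS256", "JWT_SECRET_KEY": "constructed-demo-secret",
          "JWT_IDENTITY_CLAIM": "sub", "JWT_DECODE_AUDIENCE": "orders-api"}

def _enc(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _dec(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _mac(key, signing_input):
    return hmac.new(key.encode(), signing_input.encode(), hashlib.sha256).digest()

def make_token(claims, key):
    """Build a compact HS256 JWT; used here only to construct sample input."""
    head = _enc(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _enc(json.dumps(claims).encode())
    return f"{head}.{body}.{_enc(_mac(key, head + '.' + body))}"

def token_from_headers(headers, cfg):
    """Apply JWT_HEADER_NAME / JWT_HEADER_TYPE, including the empty-type case."""
    parts = headers.get(cfg["JWT_HEADER_NAME"], "").split()
    want = [cfg["JWT_HEADER_TYPE"]] if cfg["JWT_HEADER_TYPE"] else []
    if len(parts) != len(want) + 1 or parts[:-1] != want:
        raise ValueError("missing or malformed JWT header")
    return parts[-1]

def identity_from_request(headers, cfg, now=None):
    """Return the identity claim, or raise ValueError if any check fails."""
    now = time.time() if now is None else now
    token = token_from_headers(headers, cfg)
    try:
        head, body, sig = token.split(".")
        alg = json.loads(_dec(head)).get("alg")
        mac_ok = hmac.compare_digest(_mac(cfg["JWT_SECRET_KEY"], f"{head}.{body}"), _dec(sig))
        claims = json.loads(_dec(body))
    except (ValueError, TypeError, AttributeError) as exc:
        raise ValueError("undecodable token") from exc
    if alg != cfg["JWT_ALGORITHM"] or not mac_ok:  # pin the configured algorithm
        raise ValueError("bad signature or algorithm")
    if claims.get("exp", 0) <= now:  # lifetime set at creation via JWT_EXPIRES
        raise ValueError("token expired")
    aud = cfg["JWT_DECODE_AUDIENCE"]
    if aud is not None and claims.get("aud") != aud:
        raise ValueError("audience mismatch")
    return claims[cfg["JWT_IDENTITY_CLAIM"]]
```

The algorithm is taken from the configuration rather than from the token's own header, so a token that declares a different alg is rejected before its claims are used.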