Skip to content

Add a jwt command to decode an access token locally#270

Open
jongio wants to merge 1 commit into
mainfrom
idea/jwt-decode
Open

Add a jwt command to decode an access token locally#270
jongio wants to merge 1 commit into
mainfrom
idea/jwt-decode

Conversation

@jongio

@jongio jongio commented Jul 12, 2026

Copy link
Copy Markdown
Owner

Adds an azd rest jwt <token> subcommand that decodes a JWT access token locally and prints its claims.

What it does

  • azd rest jwt <token> prints the identity summary: tenant, object ID, app ID, audience, username, scopes, roles, and expiry.
  • --format json prints the full set of decoded claims as JSON.
  • No signature verification and no network request. The raw token is never written to output.
  • Reuses the same local decode path whoami already uses, so there is no new token-handling code.

Useful for inspecting a token from az account get-access-token, an Authorization header, or a teammate.

Tests

Table-driven unit tests cover text output, JSON claims output, malformed tokens, argument validation, and the guarantee that the raw token never appears in output.

Closes #268

Adds an 'azd rest jwt <token>' subcommand that decodes a JWT locally and
prints its claims. Text output shows the identity summary (tenant, object
ID, app ID, audience, username, scopes, roles, expiry); --format json prints
the full decoded claims. No signature verification, no network call, and the
raw token is never written to output. Reuses the local decode path that
whoami already uses.

Co-authored-by: Copilot App <[email protected]>
@jongio jongio added the idea Feature idea from the idea pipeline label Jul 12, 2026
@jongio jongio self-assigned this Jul 12, 2026
@github-actions

Copy link
Copy Markdown
Contributor

🚀 Website Preview

Your PR preview is ready!

📎 Preview URL: https://jongio.github.io/azd-rest/pr/270/

This preview will be automatically cleaned up when the PR is closed.

github-actions Bot added a commit that referenced this pull request Jul 12, 2026
@github-actions

Copy link
Copy Markdown
Contributor

🚀 Test This PR

A preview build (0.5.0-pr270) is ready for testing!

One-Line Install (Recommended)

PowerShell (Windows):

iex "& { $(irm https://raw.githubusercontent.com/jongio/azd-rest/main/scripts/install-pr.ps1) } -PrNumber 270 -Version 0.5.0-pr270"

Bash (macOS/Linux):

curl -fsSL https://raw.githubusercontent.com/jongio/azd-rest/main/scripts/install-pr.sh | bash -s 270 0.5.0-pr270

Uninstall

PowerShell (Windows):

iex "& { $(irm https://raw.githubusercontent.com/jongio/azd-rest/main/scripts/uninstall-pr.ps1) } -PrNumber 270"

Bash (macOS/Linux):

curl -fsSL https://raw.githubusercontent.com/jongio/azd-rest/main/scripts/uninstall-pr.sh | bash -s 270

Build Info:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

idea Feature idea from the idea pipeline

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Add a jwt command to decode an access token locally

1 participant