# Python ### Prerequisites To be able to decode JWT token with Python you need to install [`PyJWT`](https://pypi.org/project/PyJWT/)package. The best way to install it is through a pip package installer: ```bash $ pip3 install pyjwt ``` ### PyJWT usage First, we need to import the `PyJWT` package: ```python import jwt ``` Second, we need to read and store a public key (used to decrypt a token). You need to get it from a dashboard beforehand and store somewhere near your project (`./keys/id_rsa.pub`). ```python # Choose a place to store a public key pub_key_path = '.keys/id_rsa.pub' with open(pub_key_path, mode='rb') as public_file: PUBLIC_KEY = public_file.read() ``` Now public key is stored in a variable `PUBLIC_KEY`. Next, we need to implement a function to verify a token: ```python def verify_jwt(jwt_token): try: return jwt.decode(jwt_token, PUBLIC_KEY, algorithms='RS256') except: return None ``` This function contains two main branches: whether the token is valid or not. After a `try` block there is an attempt to verify a token. If token is valid, then our `verify_jwt` function will return a JSON value of it. If token is incorrect or expired, `verify_jwt` returns `None`. To use this function, you need to get pass it a JWT token. ```python public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvt9ZrQP23A06ZLaOLoXtY2NYLkaAO+UyJG7S6WPD4ue49flkzNEKYlTKdk3L9HzMNeQZTqT+Bn310E/u/yOci8yY8GUBNb+kuH1VM2EAl7MPY41eX+tZe/wy0OWvrnhj1H5V5aXt8hISbIZLmgtUQWNINn/xsrn8EIETxbHiEVAXZoVXQYddiw+EY6uD/GRPCLNVr4gx43Yfcx+jSACotoy2hmK8v6N5VmLs+AOILf4INfE8MnzAJt8PD5T5CEVPO82+qj67E9Y40tQnyWpZ028QOerFnqRNRoa0+Fh5xXE+lExP8gRq47cUmWLAkCpUpNvFyStkr56SWrE/NZgCx" result = verify_jwt(jwt_token) ``` `jwt_token` is a token you've received in a request. It is a string like that: ```python >>> jwt_token "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJjaGFsbGVuZ2VfaWQiOiI2MTAyZTBlNi1hMDZjLTRmODEtYjA5NS03ZGUxODUzY2U1YTIiLCJyZXN1bHQiOjAuOTQ5NDQ3NTU2MDI4NzU2LCJpYXQiOjE1NzgzMzY1NzMsImV4cCI6MTU3ODMzNjYzM30.UGFLV4qJGWEF2ZDpFk5tafBB9q9DwHOEMw9i7y_gQ6GsgyD5C9osoXaQwlZXaQ_oDoeGDGiLUzjFdsdhDAADEAGKbmuiLC1JWWdd-pC2JxIQlId4kLw1hZEe6ljUljxSJH980rWoeUMhNjmq3CddaesoYBxi1hLW0LM0oWv_DxNZqzd8VehM1rS8hDRszgG-EJR_lWr3sMMyN82mh4-55xEgNd3KF_UG0hqja55x6pESTEhmTxzAjywK5tiitwOYoRgy2W_krOD6oUadJlX_0W4CLzn2g0gdjwtYxNfImdcJoIXSSWoMC1NikSMIsrDmGtofjS_icmwn_cxks-Qyhg" ``` ### Result If token is correct and did not expire, you'll receive a decoded JWT structure: ```javascript { "challenge_id": "3aa67786-d8cb-4ed5-ae83-ae7ace27e372", "result": 0.949447556028756, "iat": 1578001068, "exp": 1578001128 } ``` You can obtain **challenge result** in a `result` field. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.mobguards.com/en/jwt-token/python.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.