Merge pull request #997 from supertokens/fix/jwt-url

bcbogdan · web-flow · commit ee92bbdeadcf · 2025-06-19T10:18:19.000+03:00
diff --git a/docs/authentication/m2m/client-credentials.mdx b/docs/authentication/m2m/client-credentials.mdx
@@ -233,7 +233,7 @@ It ensures that the validation occurs for the correct token type:
 For NodeJS you can use [`jose`](https://github.com/panva/jose) to verify the token.
 
 ```tsx
-import jose from "jose";
+import * as jose from "jose";
 
 const JWKS = jose.createRemoteJWKSet(new URL('^{appInfo.apiDomain}^{appInfo.apiBasePath}/jwt/jwks.json'))
 
@@ -544,7 +544,7 @@ Hence, a way to distinguish between these two and prevent errors is necessary.
 import supertokens from "supertokens-node";
 import Session from "supertokens-node/recipe/session";
 import express, { Request, Response, NextFunction } from 'express';
-import jose from "jose";
+import * as jose from "jose";
 
 async function verifySession(req: Request, res: Response, next: NextFunction) {
   let session = undefined;
diff --git a/docs/authentication/unified-login/quickstart-guides/multiple-frontends-with-a-single-backend.mdx b/docs/authentication/unified-login/quickstart-guides/multiple-frontends-with-a-single-backend.mdx
@@ -233,7 +233,7 @@ Here is an example of how to implement this in the context of an Express API:
 import supertokens from "supertokens-node";
 import Session from "supertokens-node/recipe/session";
 import express, { Request, Response, NextFunction } from 'express';
-import jose from "jose";
+import * as jose from "jose";
 
 interface RequestWithUserId extends Request {
   userId?: string;
@@ -279,7 +279,7 @@ async function verifySession(req: RequestWithUserId, res: Response, next: NextFu
 }
 
 const JWKS = jose.createRemoteJWKSet(
-  new URL("^{appInfo.apiDomain}^{appInfo.apiBasePath}jwt/jwks.json"),
+  new URL("^{appInfo.apiDomain}^{appInfo.apiBasePath}/jwt/jwks.json"),
 );
 
 // This is a basic example on how to validate an OAuth2 Token
@@ -362,7 +362,7 @@ def validate_token(token: str, required_scope: str) -> bool:
   api_base_path = "^{appInfo.apiBasePath}"
   client_id = "<CLIENT_ID>"
 
-  jwks_url = f"{api_domain}{api_base_path}jwt/jwks.json"
+  jwks_url = f"{api_domain}{api_base_path}/jwt/jwks.json"
   jwks_client = PyJWKClient(jwks_url)
 
   try:
diff --git a/docs/authentication/unified-login/verify-tokens.mdx b/docs/authentication/unified-login/verify-tokens.mdx
@@ -55,7 +55,7 @@ If your scenario involves a common backend with multiple frontend clients you ca
 For NodeJS you can use [`jose`](https://github.com/panva/jose) to verify the token.
 
 ```tsx
-import jose from "jose";
+import * as jose from "jose";
 
 const JWKS = jose.createRemoteJWKSet(new URL('^{appInfo.apiDomain}^{appInfo.apiBasePath}jwt/jwks.json'))
 
