JWT format support for M2M tokens
Jeff Escalante, Brandon Romano, Robert Soriano, Bruno Lin
·
2026-03-05
·
via Clerk Changelog
Why JWT?
JWT M2M tokens offer several advantages over opaque tokens:
- Networkless verification — JWTs can be verified locally using your instance's public key, without making a network request to Clerk's servers
- No verification cost — Opaque token verification costs
$0.00001 per request, while JWT verification is free since it happens locally
- Self-contained — All necessary information (machine ID, claims, expiration) is embedded in the token itself
- Lower latency — Local verification is significantly faster than a network round-trip
When to use opaque tokens
Opaque tokens remain valuable for security-sensitive scenarios:
- Instant revocation — Opaque tokens can be invalidated immediately, while JWTs remain valid until they expire
- Maximum security — Opaque tokens do not contain any embedded information. Server-side verification is required to access payload data.
Getting Started
Dashboard
To generate your M2M token format:
- Navigate to Machines in the Clerk Dashboard
- Select the machine you want to generate the token for.
- Select Generate token
- Toggle Generate token as JWT
- Select Create
SDK
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。