JWT & Authentication Debug

Test OAuth2/PKCE flows and backend endpoint authorization

Configuration

Select backend server for API requests

Authorization Code Grant (PKCE)

Generate verifier and initiate OAuth2 login flow

Step 1

Random string stored locally, used in Step 2

SHA-256 hash of verifier (base64url encoded)

Exchange Code for Token

Exchange authorization code and verifier for JWT tokens

Step 2

Endpoint Testing Matrix

Test backend endpoints with different authorization scenarios

Valid Token (id) (none)
Valid Token (access) (none)
Invalid Token invalid.jwt.token.for.testing
Endpoint Access Level No Token Valid (id) Valid (access) Invalid Token
/hello/2 Public
-
-
-
-
/hello/3 Authorized
-
-
-
-
/hello/4 Admin
-
-
-
-
/accounts/me Authorized
-
-
-
-
oauth2/userInfo Authorized
-
-
-
-

Stored Tokens

JWT tokens stored in localStorage