<tdalign="left">methods as <code>[]string</code></td>
<td>Supplies a list of <ahref="../signing_methods/">signing methods</a> that the parser will check against the algorithm on the token. Only the supplied methods will be considered valid. It is heavily encouraged to use this option in order to prevent "none" algorithm attacks.<supid="fnref:1"><aclass="footnote-ref"href="#fn:1">1</a></sup></td>
</tr>
<tr>
<tdalign="left"><code>WithJSONNumber</code></td>
<tdalign="left">-</td>
<td>Configures the underlying JSON parser to use the <ahref="https://pkg.go.dev/encoding/json#Decoder.UseNumber"><code>UseNumber</code></a> function, which decodes numeric JSON values into the <ahref="https://pkg.go.dev/encoding/json#Number"><code>json.Number</code></a> type instead of <code>float64</code>. This type can then be used to convert the value into either a floating type or integer type.</td>
</tr>
<tr>
<tdalign="left"><code>WithIssuer</code></td>
<tdalign="left">issuer as <code>string</code></td>
<td>Configures the validator to require the specified issuer in the <code>"iss"</code><supid="fnref:iss"><aclass="footnote-ref"href="#fn:iss">2</a></sup> claim. Validation will fail if a different issuer is specified in the token or the <code>"iss"</code> claim is missing.</td>
</tr>
<tr>
<tdalign="left"><code>WithSubject</code></td>
<tdalign="left">subject as <code>string</code></td>
<td>Configures the validator to require the specified subject in the <code>"sub"</code><supid="fnref:sub"><aclass="footnote-ref"href="#fn:sub">3</a></sup> claim. Validation will fail if a different subject is specified in the token or the <code>"sub"</code> claim is missing.</td>
</tr>
<tr>
<tdalign="left"><code>WithAudience</code></td>
<tdalign="left">audience as <code>string</code></td>
<td>Configures the validator to require the specified audience in the <code>"aud"</code><supid="fnref:aud"><aclass="footnote-ref"href="#fn:aud">4</a></sup> claim. Validation will fail if the audience is not listed in the token or the <code>"aud"</code> claim is missing. The contents of the audience string is application specific, but often contains the URI of the service that consumes the token.</td>
</tr>
<tr>
<tdalign="left"><code>WithLeeway</code></td>
<tdalign="left">leeway as <ahref="https://pkg.go.dev/time#Duration"><code>time.Duration</code></a></td>
<td>According to the RFC, a certain time window (leeway) is allowed when verifying time based claims, such as expiration time. This is due to the fact that a there is not perfect clock synchronization on the a distributed system such as the internet. While we do not enforce any restriction on the amount of leeway, it should generally not exceed more than a few minutes.<supid="fnref:exp"><aclass="footnote-ref"href="#fn:exp">5</a></sup></td>
</tr>
<tr>
<tdalign="left"><code>WithIssuedAt</code></td>
<tdalign="left">-</td>
<td>Enables a sanity check of the <code>"iat"</code><supid="fnref:iat"><aclass="footnote-ref"href="#fn:iat">6</a></sup> claim. More specifically, when turning this option on, the validator will check if the issued-at time is not in the future.</td>
</tr>
<tr>
<tdalign="left">Danger Zone</td>
<tdalign="left"></td>
<td></td>
</tr>
</tbody>
</table>
<divclass="footnote">
<hr/>
<ol>
<liid="fn:1">
<p><ahref="https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries">https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries</a> <aclass="footnote-backref"href="#fnref:1"title="Jump back to footnote 1 in the text">↩</a></p>
<p><ahref="https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.1">Section 4.1.1 of RFC 7519</a> <aclass="footnote-backref"href="#fnref:iss"title="Jump back to footnote 2 in the text">↩</a></p>
<p><ahref="https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.2">Section 4.1.2 of RFC 7519</a> <aclass="footnote-backref"href="#fnref:sub"title="Jump back to footnote 3 in the text">↩</a></p>
<p><ahref="https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3">Section 4.1.3 of RFC 7519</a> <aclass="footnote-backref"href="#fnref:aud"title="Jump back to footnote 4 in the text">↩</a></p>
<p><ahref="https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.4">Section 4.1.4 of RFC 7519</a> <aclass="footnote-backref"href="#fnref:exp"title="Jump back to footnote 5 in the text">↩</a></p>
<p><ahref="https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.6">Section 4.1.6 of RFC 7519</a> <aclass="footnote-backref"href="#fnref:iat"title="Jump back to footnote 6 in the text">↩</a></p>
<scriptid="__config"type="application/json">{"base":"../..","features":["navigation.instant","navigation.tabs","toc.integrate","content.code.copy","content.code.annotate"],"search":"../../assets/javascripts/workers/search.208ed371.min.js","translations":{"clipboard.copied":"Copied to clipboard","clipboard.copy":"Copy to clipboard","search.result.more.one":"1 more on this page","search.result.more.other":"# more on this page","search.result.none":"No matching documents","search.result.one":"1 matching document","search.result.other":"# matching documents","search.result.placeholder":"Type to start searching","search.result.term.missing":"Missing","select.version":"Select version"}}</script>