Requesting a JWT Token
You can request a JWT token using either the client method or the React hook. Both approaches return the token itself as well as the JWKS key ID (kid) for the keypair that signed it.
Client Method
import { ParaWeb } from '@getpara/web-sdk';
const para = new ParaWeb('your-api-key');
const { token, keyId } = await para.issueJwt();
import { useIssueJwt } from '@getpara/react-sdk';
function JwtTokenManager() {
const { issueJwt, issueJwtAsync, isPending, error } = useIssueJwt();
const [tokenInfo, setTokenInfo] = useState<{ token: string; keyId: string } | null>(null);
const handleIssueToken = async () => {
try {
const result = await issueJwtAsync();
setTokenInfo({
token: result.token,
keyId: result.keyId
});
await sendTokenToBackend(result.token);
} catch (err) {
console.error("Failed to issue JWT:", err);
}
};
return (
<button
onClick={handleIssueToken}
disabled={isPending}
>
{isPending ? "Issuing..." : "Issue JWT Token"}
</button>
);
}
React Hook
The token’s expiry will be determined by your customized session length, or else will default to 30 minutes. Issuing a token, like most authenticated API operations, will also renew and extend the session for that duration.
The token’s
aud field will be set to your API key’s unique ID, linking it specifically to your application.Token Structure
Depending on the user in question, a decoded token payload might resemble the following:{
"data": {
"userId": "d5358219-38d3-4650-91a8-e338131d1c5e",
"wallets": [
{
"id": "de4034f1-6b0f-4a98-87a5-e459db4d3a03",
"type": "EVM",
"address": "0x9dd3824f045c77bc369485e8f1dd6b452b6be617",
"publicKey": "0x0465434f76c8321f386856c44e735fd365a09d42c1da03489184b651c2052ea1c7b19c54722ed828458c1d271cc590b0818d8c7df423f71e92683f9e819095a8c6"
},
{
"id": "d70f64e4-266a-457e-9cea-eeb42341a975",
"type": "SOLANA",
"address": "EEp7DbBu5yvgf7Pr9W17cATPjCqUxY8K8R3dFbg53a3W",
"publicKey": ""
}
],
"connectedWallets": [
{
"id": "de4034f1-6b0f-4a98-87a5-e459db4d3a03",
"type": "EVM",
"address": "0x9dd3824f045c77bc369485e8f1dd6b452b6be617",
"publicKey": "0x0465434f76c8321f386856c44e735fd365a09d42c1da03489184b651c2052ea1c7b19c54722ed828458c1d271cc590b0818d8c7df423f71e92683f9e819095a8c6"
},
{
"id": "d70f64e4-266a-457e-9cea-eeb42341a975",
"type": "SOLANA",
"address": "EEp7DbBu5yvgf7Pr9W17cATPjCqUxY8K8R3dFbg53a3W",
"publicKey": ""
}
],
"email": "email@example.com",
"authType": "email",
"identifier": "email@example.com",
"oAuthMethod": "google" // or: undefined | "x" | "discord" | "facebook" | "apple"
},
"iat": 1745877709,
"exp": 1745879509,
"aud": "a31b8f2e-7c6d-4e5a-9f8b-1d2c3a4b5e6f",
"sub": "d5358219-38d3-4650-91a8-e338131d1c5e"
}
{
"data": {
"userId": "d5358219-38d3-4650-91a8-e338131d1c5e",
"wallets": [
{
"id": "de4034f1-6b0f-4a98-87a5-e459db4d3a03",
"type": "EVM",
"address": "0x9dd3824f045c77bc369485e8f1dd6b452b6be617",
"publicKey": "0x0465434f76c8321f386856c44e735fd365a09d42c1da03489184b651c2052ea1c7b19c54722ed828458c1d271cc590b0818d8c7df423f71e92683f9e819095a8c6"
},
{
"id": "d70f64e4-266a-457e-9cea-eeb42341a975",
"type": "SOLANA",
"address": "EEp7DbBu5yvgf7Pr9W17cATPjCqUxY8K8R3dFbg53a3W",
"publicKey": ""
}
],
"connectedWallets": [
{
"id": "de4034f1-6b0f-4a98-87a5-e459db4d3a03",
"type": "EVM",
"address": "0x9dd3824f045c77bc369485e8f1dd6b452b6be617",
"publicKey": "0x0465434f76c8321f386856c44e735fd365a09d42c1da03489184b651c2052ea1c7b19c54722ed828458c1d271cc590b0818d8c7df423f71e92683f9e819095a8c6"
},
{
"id": "d70f64e4-266a-457e-9cea-eeb42341a975",
"type": "SOLANA",
"address": "EEp7DbBu5yvgf7Pr9W17cATPjCqUxY8K8R3dFbg53a3W",
"publicKey": ""
}
],
"phone": "+13105551234",
"authType": "phone",
"identifier": "+13105551234"
},
"iat": 1745877709,
"exp": 1745879509,
"aud": "a31b8f2e-7c6d-4e5a-9f8b-1d2c3a4b5e6f",
"sub": "d5358219-38d3-4650-91a8-e338131d1c5e"
}
{
"data": {
"userId": "d5358219-38d3-4650-91a8-e338131d1c5e",
"wallets": [
{
"id": "de4034f1-6b0f-4a98-87a5-e459db4d3a03",
"type": "EVM",
"address": "0x9dd3824f045c77bc369485e8f1dd6b452b6be617",
"publicKey": "0x0465434f76c8321f386856c44e735fd365a09d42c1da03489184b651c2052ea1c7b19c54722ed828458c1d271cc590b0818d8c7df423f71e92683f9e819095a8c6"
},
{
"id": "d70f64e4-266a-457e-9cea-eeb42341a975",
"type": "SOLANA",
"address": "EEp7DbBu5yvgf7Pr9W17cATPjCqUxY8K8R3dFbg53a3W",
"publicKey": ""
}
],
"connectedWallets": [
{
"id": "de4034f1-6b0f-4a98-87a5-e459db4d3a03",
"type": "EVM",
"address": "0x9dd3824f045c77bc369485e8f1dd6b452b6be617",
"publicKey": "0x0465434f76c8321f386856c44e735fd365a09d42c1da03489184b651c2052ea1c7b19c54722ed828458c1d271cc590b0818d8c7df423f71e92683f9e819095a8c6"
},
{
"id": "d70f64e4-266a-457e-9cea-eeb42341a975",
"type": "SOLANA",
"address": "EEp7DbBu5yvgf7Pr9W17cATPjCqUxY8K8R3dFbg53a3W",
"publicKey": ""
}
],
"telegramUserId": "1234567890",
"authType": "telegram",
"identifier": "1234567890"
},
"iat": 1745877709,
"exp": 1745879509,
"aud": "a31b8f2e-7c6d-4e5a-9f8b-1d2c3a4b5e6f",
"sub": "d5358219-38d3-4650-91a8-e338131d1c5e"
}
{
"data": {
"userId": "d5358219-38d3-4650-91a8-e338131d1c5e",
"wallets": [
{
"id": "de4034f1-6b0f-4a98-87a5-e459db4d3a03",
"type": "EVM",
"address": "0x9dd3824f045c77bc369485e8f1dd6b452b6be617",
"publicKey": "0x0465434f76c8321f386856c44e735fd365a09d42c1da03489184b651c2052ea1c7b19c54722ed828458c1d271cc590b0818d8c7df423f71e92683f9e819095a8c6"
},
{
"id": "d70f64e4-266a-457e-9cea-eeb42341a975",
"type": "SOLANA",
"address": "EEp7DbBu5yvgf7Pr9W17cATPjCqUxY8K8R3dFbg53a3W",
"publicKey": ""
}
],
"connectedWallets": [
{
"id": "de4034f1-6b0f-4a98-87a5-e459db4d3a03",
"type": "EVM",
"address": "0x9dd3824f045c77bc369485e8f1dd6b452b6be617",
"publicKey": "0x0465434f76c8321f386856c44e735fd365a09d42c1da03489184b651c2052ea1c7b19c54722ed828458c1d271cc590b0818d8c7df423f71e92683f9e819095a8c6"
},
{
"id": "d70f64e4-266a-457e-9cea-eeb42341a975",
"type": "SOLANA",
"address": "EEp7DbBu5yvgf7Pr9W17cATPjCqUxY8K8R3dFbg53a3W",
"publicKey": ""
}
],
"farcasterUsername": "FarcasterUsername",
"authType": "farcaster",
"identifier": "FarcasterUsername"
},
"iat": 1745877709,
"exp": 1745879509,
"aud": "a31b8f2e-7c6d-4e5a-9f8b-1d2c3a4b5e6f",
"sub": "d5358219-38d3-4650-91a8-e338131d1c5e"
}
{
"data": {
"userId": "d5358219-38d3-4650-91a8-e338131d1c5e",
"wallets": [
{
"id": "de4034f1-6b0f-4a98-87a5-e459db4d3a03",
"type": "EVM",
"address": "0x9dd3824f045c77bc369485e8f1dd6b452b6be617",
"publicKey": "0x0465434f76c8321f386856c44e735fd365a09d42c1da03489184b651c2052ea1c7b19c54722ed828458c1d271cc590b0818d8c7df423f71e92683f9e819095a8c6"
},
{
"id": "d70f64e4-266a-457e-9cea-eeb42341a975",
"type": "SOLANA",
"address": "EEp7DbBu5yvgf7Pr9W17cATPjCqUxY8K8R3dFbg53a3W",
"publicKey": ""
}
],
"connectedWallets": [
{
"id": "de4034f1-6b0f-4a98-87a5-e459db4d3a03",
"type": "EVM",
"address": "0x9dd3824f045c77bc369485e8f1dd6b452b6be617",
"publicKey": "0x0465434f76c8321f386856c44e735fd365a09d42c1da03489184b651c2052ea1c7b19c54722ed828458c1d271cc590b0818d8c7df423f71e92683f9e819095a8c6"
},
{
"id": "d70f64e4-266a-457e-9cea-eeb42341a975",
"type": "SOLANA",
"address": "EEp7DbBu5yvgf7Pr9W17cATPjCqUxY8K8R3dFbg53a3W",
"publicKey": ""
}
],
"externalWalletAddress": "0xaD6b78193b78e23F9aBBB675734f4a2B3559598D",
"authType": "externalWallet",
"identifier": "0xaD6b78193b78e23F9aBBB675734f4a2B3559598D",
"externalWallet": {
"address": "0xaD6b78193b78e23F9aBBB675734f4a2B3559598D",
"type": "EVM",
"provider": "MetaMask"
}
},
"iat": 1745877709,
"exp": 1745879509,
"aud": "a31b8f2e-7c6d-4e5a-9f8b-1d2c3a4b5e6f",
"sub": "d5358219-38d3-4650-91a8-e338131d1c5e"
}
JWKS Verification
Para’s JSON Web Keys Set (JWKS) file(s) are available at the following URLs:| Environment | JWKS URL |
|---|---|
| BETA | https://api.beta.getpara.com/.well-known/jwks.json |
| PROD | https://api.getpara.com/.well-known/jwks.json |
Best Practices
- Session Verification: For security-critical operations, verify JWT tokens on both client and server sides
- Token Expiry: Be aware that tokens expire based on your session configuration and plan accordingly
- Secure Storage: Never store JWT tokens in insecure locations like localStorage for sensitive applications