Configuration¶
Flask_PyJWT’s configuration variables are read from the Flask app’s config and start with the prefix “JWT_”.
Required Values¶
JWT_ISSUER¶
(str
): The issuer of JWTs. Usually your website/API’s name.
JWT_AUTHTYPE¶
(str
): The type of auth to use for your JWTs
(HMACSHA256, HMACSHA512, RSA256, RSA512).
Accepted Values:
HS256
HS512
RS256
RS512
JWT_SECRET¶
(str
| bytes
): The secret key or RSA private key to sign JWTs with.
If the JWT_AUTHTYPE
is HS256 or HS512, a str
is required.
if the JWT_AUTHTYPE
is RS256 or RS512, a bytes
encoded RSA private key is required.
Optional Values¶
JWT_AUTHMAXAGE¶
(int
): The maximum time, in seconds, that an auth JWT is considered valid.
JWT_REFRESHMAXAGE¶
(int
): The maximum time, in seconds, that a refresh JWT is considered valid.
JWT_PUBLICKEY¶
(str
| bytes
): The RSA public key used to verify JWTs with, if the JWT_AUTHTYPE
is set to RS256 or RS512.