<p>A JSON Web Token usually has 3 parts: header, claim set, and signature. For example,<br>
header: {"typ":"JWT", "alg":"RS256"}<br>
claims:   {"iss":"joe","iss":http://id.server.com","sub":@",exp":1300819380, "http://example.com/is_root":true}<br>
signature: RSA signature on hash of {base64(header) ||"."||base64(claims)}</p>

<p>In addition to validating the signature, we'd also need to check the "sub" (subject) to make sure the user is in the database (sip table). It seems the simplest way is to check if the  and  from "sub" belong to a valid record in sip table.</p>

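<p>The two checks described in the comment above (RS256 signature over base64(header) || "." || base64(claims), then a lookup of "sub" in the subscriber records), as an added example that is not part of the original comment or of Kamailio's code. It also pins "alg" to RS256 and rejects expired tokens. Assumptions: "sub" has the form user@domain, SUBSCRIBERS stands in for the sip table, and the RSA key is a constructed toy key.</p>

```python
import base64, hashlib, hmac, json, time

# Constructed toy RSA key built from two Mersenne primes: demo only, NOT secure.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, used only to mint samples
K = (N.bit_length() + 7) // 8       # modulus length in bytes
# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64u(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64u_dec(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def emsa(message):
    # EMSA-PKCS1-v1_5: 00 01 FF..FF 00 || DigestInfo(SHA-256(message))
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def sign(header, claims):  # mints a sample token; stands in for the identity server
    data = b64u(json.dumps(header).encode()) + "." + b64u(json.dumps(claims).encode())
    sig = pow(int.from_bytes(emsa(data.encode()), "big"), D, N)
    return data + "." + b64u(sig.to_bytes(K, "big"))

def validate(token, subscribers, now=None):  # -> (user, domain) or None
    now = time.time() if now is None else now
    try:
        h64, c64, s64 = token.split(".")
        header, claims = json.loads(b64u_dec(h64)), json.loads(b64u_dec(c64))
        sig = int.from_bytes(b64u_dec(s64), "big")
    except ValueError:
        return None
    if not (isinstance(header, dict) and isinstance(claims, dict)):
        return None
    if header.get("alg") != "RS256" or sig >= N:   # pin the algorithm
        return None
    em = pow(sig, E, N).to_bytes(K, "big")
    if not hmac.compare_digest(em, emsa(f"{h64}.{c64}".encode())):
        return None
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return None
    user, _, domain = str(claims.get("sub", "")).partition("@")
    return (user, domain) if (user, domain) in subscribers else None

# Constructed stand-in for the (username, domain) pairs in the sip table.
SUBSCRIBERS = {("alice", "example.org")}
```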