JWTDetails PowerShell Module for Decoding JWT Access Tokens with readable Token Expiry Time

I’ve just published my first PowerShell Module to the PowerShell Gallery. The JWTDetails PowerShell Module contains the Get-JWTDetails cmdlet that decodes a JWT Access Token and converts it to a PowerShell Object. But wait, there’s more. The reason I created this module is because I always need to know what is the Expiry Time for a JWT Access Token. The returned PowerShell Object from my Get-JWTDetails cmdlet in the JWTDetails Module also includes the expiry date-time in PowerShell DateTime format as  ‘expiryDateTime‘. It also includes the ‘timeToExpiry‘ for the Access Token, also in PowerShell DateTime format.

This means you can keep calling the Get-JWTDetails cmdlet with an access token and inspect the ‘expiryDateTime‘ or ‘timeToExpiry‘ fields to determine whether its time for you to go and get a new JWT Access Token.

Installing the JWTDetails PowerShell Module

I’ve published the module to the PowerShell Gallery. Therefore with PowerShell 5.1 and later you can install direct from the PowerShell Gallery (in an Administrative PowerShell Session) using Install-Module.

Install-Module -name JWTDetails

Install JWTDetails PowerShell Module.PNG

The JWTDetails module contains a single cmdlet ‘Get-JWTDetails‘.

Get-Command JWTDetails.PNG

Using Get-JWTDetails

Using Get-JWTDetails is super simple. Import the module and then pass it a JWT Access Token. I’ve been using it with Microsoft Azure and SailPoint IdentityNow JWT Tokens.

Passing the cmdlet a valid SailPoint IdentityNow Access Token as a discrete string, you will be returned the details of the Access Token including the expiry in easy to read format.

IdentityNow Access Token JWTDetails.PNG

Providing the cmdlet with a valid Azure Access Token passed in as a variable you will be returned the details of the Access Token including the expiry in easy to read format.

Azure Access Token JWTDetails.PNG

Access Token Expiry Details

Let’s put the decoded token into a variable so that we can then easily look at the expiryDateTime and timeToExpiry values. We could then in our scripts define logic about when to refresh our Access Token.

JWTDetails Time to Expiry.PNG

The Module Code

Interested in the PowerShell Module Code, or want to enhance it? Sure thing. I’ve uploaded the module to a Public Repository on Github here.

Summary

By publishing this module to the PowerShell Gallery I have a much quicker method of installing the module on each new workstation/environment that I’m in. Hopefully it helps someone else too.