Recommended releases

Download Links

JSON Web Tokens for Backdrop CMS

This module adds the ability to create and authenticate JSON Web Tokens through global PHP functions. It is intended to facilitate developers wishing to integrate JSON Web Tokens into their projects.


  • Install this module using the official Backdrop CMS instructions.
  • (optional) Visit the configuration page under Configuration > Administration > Administer JWT Tokens.


This module provides global functions that create and verify JSON Web Tokens.

  • encode_jwt($payload_data (associative array), $expiration_in_seconds (string -- Optional)) -- Accepts associative array of key, value pairs ($payload_data) and returns encoded JWT as a string. Default expiration time is set on the settings page or can be specified with a second argument. Example: encode_jwt(['user'=>'1234', 'role'=>'admin'])

  • validate_jwt($jwt (string)) -- Returns false if JWT string is invalid or expired, otherwise returns the decoded payload as an object.

  • decode_jwt($jwt (string)) -- Returns false if JWT is invalid or expired, otherwise returns the decoded payload object.

  • decode_jwt_header($jwt (string), $verify_header (boolean -- Optional)) -- Returns decoded JWT header object. Optionally pass in true for the second parameter to also validate authenticity of token.


Additional documentation is located in the Wiki:


Bug and feature requests can be reported in the Issue Queue at

Current Maintainers



This project is released under the GPL v2 license.