Skip to main content
For an SDK-agnostic explanation of JWTs and how verification works—applicable no matter which frontend SDK you use (React, Flutter, Swift, Kotlin, etc.)—see Server-side auth and JWT.

Option 1: Leverage NextAuth

If you are using Next.js, you can easily integrate the NextAuth library with Dynamic to perform server-side verification and then use a session client-side.

Option 2: Leverage Passport.js

We offer an official passport-dynamic extension.

Option 3: Do-It-Yourself Verification

The conceptual flow (what to verify, where to get the public key, JWKS URL) is described in Server-side auth and JWT. To implement DIY verification in Node.js:
  1. Get the JWT from the Dynamic client (e.g. dynamicClient.auth.token) and send it to your server as a Bearer token.
  2. On your server, fetch the public key from the JWKS endpoint and verify the JWT (RS256). You can use node-jsonwebtoken and jwks-rsa—see the React Server-side verification page for the full Node.js code sample (Option 3), which applies to any JavaScript/Node backend regardless of which client SDK you use.