id_token_verifier 0.0.1

OpenID Connect ID Token Verifier In Rust
Documentation

🔎 id_token_verifier ✅

codecov

tokio-friendly, highly configurable, batteries-included OpenID Connect ID Token Verifier in Rust.

Features:

  • Direct or discovery-based JWKS.

  • Caching with fixed expiry and background refresh.

  • Pluggable retry strategy via backoff-config.

  • serde-friendly configuration (loadable from env or other sources).

  • Optional tracing to dig into the verification flow.

Usage:

  1. Create an instance of IdTokenVerifierDefault using an IdTokenVerifierConfig and a reqwest::Client.
  2. Define the target claims type with Deserialize:
#[derive(Debug, Deserialize)]
struct MyClaims {
    pub id: String,
    pub email: String,
    pub email_verified: bool
}
  1. Call IdTokenVerifier#verify::<MyClaims> and get the claims, or handle the error:
match verifier.verify::<MyClaims>(id_token).await {
    Ok(claims) => println!("Claims: {claims:?}"),
    Err(error) => println!("Error: {error}")
}