Converting a JWT Token to JSON in JavaScript

Question

I have a JWT Token which I am trying to convert to JSON - The headers show up fine but not the payload - Any Information will be helpful

My Token

eyJ6aXAiOiJERUYiLCJhbGciOiJFUzI1NiIsImtpZCI6IjNLZmRnLVh3UC03Z1h5eXd0VWZVQUR3QnVtRE9QS01ReC1pRUxMMTFXOXMifQ.3VNNj9owEP0rq9lrSOKwhZJTF3pptapW2m0vFQfjDMSVP5DtBOgq_71jA9tWWrj1Ut8mfvPmvefJC0jvoYY2hK2vi8Jr7kKLXIU2F9w1vsA911uFviBghw4ykDxAzSZsPJlMxiXLyzuWQS-gfoEPwpqAe7r__kq52-3y3Ti3blNUJXtfCIcNmiC58kXPYJlBOGwxdnxDJ9eSrxQuXjE076K222MxisVVnNS6M_InD9Kaq0Bhe9mwWRT1W-ZTt_qBIkR_61Y6UukjTw13eZkz4otf551pFEaMQ287J_A5uYLTxdklCKsUsR2V0AB3IOvE3Cn11SkCnPvrkgDn4g3iR7JD_QQyXOORhGupiA_uDWGcTzM2skcT4_1s21jPc1gOZHCDpqH3rEHzpG8lKYyPPERuNnvHRiUbVSUMQ_amOnZd3ae_I_eBh84n-3GbAsYH67kQ0uDCNolB2EaaTTLiDz6gPu0lvVSrpmmBYtKFl00h-j0RiNQJVTmFYTlksD1FkuSs0aGJ2v5MlEBWiM6lq2j2WeojRZUMl9HW1knajMPTyVtwHWagrDiauUQ-juTKhi-dXqVcH2y4uS3TYRdjrP7LGKvZP4lxejHG8fUYH85Tzz8L3M8XN48td5qLA7EuBzq_AA._juD-OGeaRIRVqIXji_13lHvrpmhw57DpZrZqbNUgjeqjSLwUc8qbzzbai82fGN5KzHgWFKy4v45hzd89GBO7Q

I am using jsonwebtoken library

var jwt = require("jsonwebtoken");

var decoded = jwt.decode(token, {complete: true});
console.log(decoded.header);

console.log(decoded.payload);

Output

{
  zip: 'DEF',
  alg: 'ES256',
  kid: '3Kfdg-XwP-7gXyywtUfUADwBumDOPKMQx-iELL11W9s'
}
�SM��0�+��kHⰅ�Szi��V�m/�
                        ĕ?���*��c�VZ��R�&~����
a�O36�G��l�X�sXdp�����A�o%)��<Dn6{�F%%�{ٰY�[�S���"D�V:R�#O�\�6�5��=�[�� `�2�<@�&l<�L�%��;�A/�~�š�{���J�����8�nST%{�
                                      C��:v]ݧ�#����'�q������6�A�F�M2�>�>�%�T��i�b҅�M!�=��   U9�a9d�=E��ѡ���L�@V�Υ�h�Y�#E�
                                                                                                                             ����Iڌ���[pf��8��D>��ʆ/�^�\l��-�ac�����?�qz1����S�?
                      ��7�-w���.:�

I did same in Python - which works for me perfectly

   //Retrieve the Headers which are needed to retrieve the public key
   headers = jose_jws.get_unverified_headers(encoded)
   print(headers)
   

   // Now attempt to decode the JWT/JWS. This would be followed by
   // validation once the public key had been retrieved
   decoded = jose_jws.get_unverified_claims(encoded)

   print(decoded)

PYTHON

JAVASCRIPT

Answer 1

zip: 'DEF' indicates the payload is deflated. You may try inflating it back.

That being said, "zip" or compression is only defined for JWE (JSON Web Encryption), not JWS (JSON Web Signatures) or JWT. A proper JWT payload MUST always be a top level JSON object and be without compression.