VerifyTokenDTO
Package: @nauth-toolkit/core
Type: DTO (Request)
Token verification request for native mobile app authentication using provider SDKs.
Supports provider-aware conditional validation:
- google: requires
idToken,accessTokenoptional - apple: requires
idToken,accessTokenoptional,profileDataoptional - facebook:
- Classic login: requires
accessToken(whenidTokennot provided) - Limited Login (OIDC): requires
idToken(JWT, whenaccessTokennot provided)
- Classic login: requires
- NestJS
- Express
- Fastify
import { VerifyTokenDTO } from '@nauth-toolkit/nestjs';
import { VerifyTokenDTO } from '@nauth-toolkit/core';
import { VerifyTokenDTO } from '@nauth-toolkit/core';
Properties
| Property | Type | Required | Description |
|---|---|---|---|
provider | string | Yes | Provider name: 'google', 'apple', or 'facebook'. Trimmed and lowercased. |
idToken | string | Conditional | Required for google/apple. Required for facebook Limited Login (when accessToken not provided). Max 10000 characters. |
accessToken | string | Conditional | Required for facebook classic login (when idToken not provided). Optional for google. Max 2000 characters. |
profileData | Record<string, unknown> | No | Optional profile data from native SDK (e.g., Apple first-time signin). Must be an object. |
Example
Google Sign-In (iOS/Android)
{
"provider": "google",
"idToken": "eyJhbGciOiJSUzI1NiIs...",
"accessToken": "ya29.a0AfH6SM..."
}
Sign in with Apple (iOS)
{
"provider": "apple",
"idToken": "eyJraWQiOiJlWGF1bm...",
"profileData": {
"name": {
"firstName": "John",
"lastName": "Doe"
},
"email": "user@privaterelay.appleid.com"
}
}
Facebook Classic Login
{
"provider": "facebook",
"accessToken": "EAABwzLixnjYBO..."
}
Facebook Limited Login (iOS)
{
"provider": "facebook",
"idToken": "eyJhbGciOiJSUzI1NiIs..."
}
Used By
POST /auth/social/:provider/verify- HTTP endpoint for native mobile token verificationBaseSocialAuthProviderService.verifyToken()- Internal provider method