Express JWT Permissions Middleware

library 1.3.7 ·javascript

✓ verified May 27, 2026

Express JWT Permissions is an authorization middleware for Node.js applications, designed to work in conjunction with JWT authentication solutions like `express-jwt`. It inspects a decoded JWT token, typically found on `req.user` (or a configurable property), for a permissions array or a space-delimited scope string. The library, currently at stable version 1.3.7, has a moderate release cadence, primarily focusing on security updates, dependency bumps, and TypeScript typing enhancements. Its key differentiator lies in its flexible permission checking logic, supporting simple strings, arrays for AND logic, and nested arrays for complex OR logic combinations of permissions. It also provides configurable options for `requestProperty` and `permissionsProperty` to accommodate diverse JWT payload structures, moving beyond the default `req.user.permissions` pattern, and facilitates custom error handling for permission denials.

Traffic · last 30 days ↓57% vs prev 7d · indexed Thu Apr 23 · updated Sun Jun 07

total hits 14

actors 6 distinct systems

last hit 2d ago human

MetaBot

GPTBot

Script

Search engines

Humans

top countries 🇺🇸 United States · 🇨🇦 Canada · 🇧🇷 Brazil · 🇩🇪 Germany

Resources

githubgithub.com/MichielDeMey/express-jwt-permissions ↗

packagewww.npmjs.com/package/express-jwt-permissions ↗

API endpoints

full doc /v1/registry/express-jwt-permissions

install /v1/registry/express-jwt-permissions/install

compatibility /v1/registry/express-jwt-permissions/compatibility