
Decode Apple's id_token (Signin) using pyJWT and Python

How do I, in Python, decode the id_token that Apple sends during the signup process?

I have tried (from here

import jwt
decoded = jwt.decode(token, options={"verify_signature": False})

I get an error:

jwt.exceptions.InvalidAudienceError: Invalid audience

If I copy-paste the id_token into the page then it correctly decodes it into all its parts (header, payload with aud, sub, etc.) So the token itself is correct and I have all the info I need.


  • It works when I provide the expected aud value. aud is the same as the clientId that you provide when you make the first call to Apple for signin (, which is the same as Identifier in the Apple console where you set it up.

    There must be a way to do this without providing aud since this wbeage can do it. However, maybe not in Python...

    import jwt
    decoded = jwt.decode(token, audience="<your app's>",options={"verify_signature": False})