Kenji Urushima

It doesn't seem your "token" value have an "alg" attribute with "HS256". You can find an example at this site: https://jwt.io/

@lukepayyapilli , I tried verifyJWT and works fine for me. Could you provide the token and the secret which was failed? I can investigate further for it.