# JWT Interceptions The JWT Services will announce some key events for you to listen to * `cbSecurity_onJWTCreation` - Whenever a new token is generated for a user * `cbSecurity_onJWTInvalidation` - Whenever an invalidation occurs for a token * `cbSecurity_onJWTValidAuthentication` - Whenever a valid JWT token is parsed, tested and authenticated with the authentication services * `cbSecurity_onJWTInvalidUser` - When trying to find the token's subject and the user service returns null or not a valid user * `cbSecurity_onJWTInvalidClaims` - When the parsed token does not adhere to the required claims * `cbSecurity_onJWTExpiration` - When the parsed token has expired * `cbSecurity_onJWTStorageRejection` - When the parsed token is valid but cannot be found in the permanent storage * `cbSecurity_onJWTValidParsing` - When the parsed token has passed all validation procedures but has NOT been authenticated yet. ## cbSecurity\_onJWTCreation This event has the following data in the `interceptData` struct | Key | Description | | --------- | -------------------------------------- | | `token` | The JWT token | | `payload` | The payload that was used to create it | | `user` | The user it belongs to | ## cbSecurity\_onJWTInvalidation This event has the following data in the `interceptData` struct | Key | Description | | ------- | ---------------------------------- | | `token` | The JWT token that was invalidated | ## cbSecurity\_onJWTValidAuthentication This event has the following data in the `interceptData` struct | Key | Description | | --------- | ----------------------------- | | `token` | The JWT token that was parsed | | `payload` | The payload that was decoded | | `user` | The authenticated user | ## cbSecurity\_onJWTInvalidUser This event has the following data in the `interceptData` struct | Key | Description | | --------- | ------------------------------- | | `token` | The JWT token that was parsed | | `payload` | The JWT payload that was parsed | ## cbSecurity\_onJWTInvalidClaims This event has the following data in the `interceptData` struct | Key | Description | | --------- | ------------------------------- | | `token` | The JWT token that was parsed | | `payload` | The JWT payload that was parsed | ## cbSecurity\_onJWTExpiration This event has the following data in the `interceptData` struct | Key | Description | | --------- | ------------------------------- | | `token` | The JWT token that was parsed | | `payload` | The JWT payload that was parsed | ## cbSecurity\_onJWTStorageRejection This event has the following data in the `interceptData` struct | Key | Description | | --------- | ------------------------------- | | `token` | The JWT token that was parsed | | `payload` | The JWT payload that was parsed | ## cbSecurity\_onJWTValidParsing This event has the following data in the `interceptData` struct | Key | Description | | --------- | ------------------------------- | | `token` | The JWT token that was parsed | | `payload` | The JWT payload that was parsed | ## Example {% code title="interceptors/SecurityAudit.cfc" %} ```javascript component extends="coldbox.system.Interceptor"{ function cbSecurity_onJWTCreation( event, interceptData ){ // do what you like here } } ``` {% endcode %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://coldbox-security.ortusbooks.com/v2.x-3/jwt/jwt-interceptions.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.