# amazon web services - Verify JWT signature with RSA public key in PHP

In PHP, I'm trying to validate an AWS auth token (JWT returned from getOpenIdTokenForDeveloperIdentity) using the AWS's RSA public key (which I generated from modulus/exponent at https://cognito-identity.amazonaws.com/.well-known/jwks_uri). The key begins with the appropriate headers/footers`-----BEGIN RSA PUBLIC KEY-----`

etc. I've looked at a few PHP libraries like`Emarref\Jwt\Jwt`

, however I get the error:`error:0906D06C:PEM routines:PEM_read_bio:no start line`

. It all boils down to the basic php function:`openssl_verify`

.

I've looked at the php.net/manual for openssl-verify, but I'm still not clear on the parameter details. The algorithm needed is`RS512`

.

I am able to verify the JWT token using node.js with no problems (same key and token). For that I used the library: https://github.com/auth0/node-jsonwebtoken

Not sure why this doesn't work in PHP. Can I not use an RSA Public Key?

```
function verifyKey($public_key) {
$jwt = new Emarref\Jwt\Jwt();
$algorithm = new Emarref\Jwt\Algorithm\Rs512();
$factory = new Emarref\Jwt\Encryption\Factory();
$encryption = $factory->create($algorithm);
$encryption->setPublicKey($public_key);
$context = new Emarref\Jwt\Verification\Context($encryption);
$token = $jwt->deserialize($authToken);
try {
$jwt->verify($token, $context);
} catch (Emarref\Jwt\Exception\VerificationException $e) {
debug($e->getMessage());
}
}
```

## Answer

## Solution:

Could you try using another PHP library: https://github.com/Spomky-Labs/jose

## Answer

## Solution:

I was able to get this library to work. However I had to build the key using KeyFactory::createFromValues instead of KeyFactory::createFromPEM. THANK YOU!