Flask-jwt-extended

Latest version: v4.7.1

Safety actively analyzes 710445 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 3 of 16

4.3.1

* Allow Flask-JWT-Extended to work with new Cryptography versioning scheme (452)

4.3.0

* Allow overriding cookies domain at runtime (446). Thanks bejito!
* Better compatibility with flask 1.x.x and 2.x.x (440). Thanks StefanVDWeide
* Documentation updates (443, 444). Thanks killthekitten and juur

4.2.3

* Fix compatibility with Flask 1.x.x that was broke with the 4.2.2 release (see 437). Thanks j178 for pointing this out!

4.2.2

* Added async support to jwt_required view decorator (436). Thanks StefanVDWeide!
* Minor documentation improvements. Thanks rohitsanj-jovian!

4.2.1

* Update Flask-JWT-Extended to work with flask 2.x.x. (427).

4.2.0

* Add `JWT_ENCODE_NBF` configuration option to allow disabling the NBF claim during token creation. Thanks magnunleno! 416
* Add a new `get_jwt_request_location()` function to determine where a token was parsed from in a request (useful for implicit token refresh with cookies). Thanks sammck! 420
* Fix wrong error message in edge case with current user in non-decorated route. 408
* Fix JWT in headers followed by a comma raises IndexError 347
* Fix edge cases where `jwt_required(optional=True)` was treating a request as if there was jwt present instead of handling the `InvalidHeaderError`. 421
* Add a `JWT_QUERY_STRING_VALUE_PREFIX` configuration option. 421
* Update error messages to provide more helpful information to callers when they are sending in a token in an unexpected way.

Page 3 of 16

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.