Flask-jwt-extended

Latest version: v4.7.1

Safety actively analyzes 710445 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 8 of 16

3.11.0

* Adds new `JWT_ERROR_MESSAGE_KEY` option to change the JSON key on the default error messages (160)

3.10.0

* Adds new `JWT_CLAIMS_IN_REFRESH_TOKEN` configuration option, which if set to true will cause the user claims to be loaded into refresh tokens as well as access tokens (100).

3.9.1

I forgot to actually increase the version number on the 3.9.0 release. Whoops. Nothing new from 3.9.0 minus a the version number fix.

3.9.0

* Allows passing JWTs in via the query string (117). Note that in most cases this is not a great idea, see the documentation as to why.
* Break out code to verify JWTs in a request into helper functions. This allows you to easily create your own decorators that utilize this extension (such as a `role_required` decorator), or hook up functionality to a flask before_request. (131)

3.8.2

* Allow option to unset access and refresh cookies independently of each other (148)

3.8.1

* Fixes JSON encoder added in 3.8.0 (140)

Page 8 of 16

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.