diff --git a/package-lock.json b/package-lock.json
index 7dd8b2b7..04595f0c 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -36,6 +36,7 @@
 "graphql": "^16.7.1",
 "graphql-tag": "^2.12.6",
 "graphql-type-json": "^0.3.2",
+ "jose1": "npm:jose@^1.27.2",
 "ln-service": "^56.9.0",
 "mathjs": "^11.9.1",
 "mdast-util-find-and-replace": "^3.0.0",
@@ -2967,6 +2968,14 @@
 "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
 "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA=="
 },
+ "node_modules/@panva/asn1.js": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/@panva/asn1.js/-/asn1.js-1.0.0.tgz",
+ "integrity": "sha512-UdkG3mLEqXgnlKsWanWcgb6dOjUzJ+XC5f+aWw30qrtjxeNUSfKX1cd5FBzOaXQumoe9nIqeZUvrRJS03HCCtw==",
+ "engines": {
+ "node": ">=10.13.0"
+ }
+ },
 "node_modules/@panva/hkdf": {
 "version": "1.1.1",
 "resolved": "https://registry.npmjs.org/@panva/hkdf/-/hkdf-1.1.1.tgz",
@@ -9529,6 +9538,22 @@
 "url": "https://github.com/sponsors/panva"
 }
 },
+ "node_modules/jose1": {
+ "name": "jose",
+ "version": "1.27.2",
+ "resolved": "https://registry.npmjs.org/jose/-/jose-1.27.2.tgz",
+ "integrity": "sha512-zLIwnMa8dh5A2jFo56KvhiXCaW0hFjdNvG0I5GScL8Wro+/r/SnyIYTbnX3fYztPNSfgQp56sDMHUuS9c3e6bw==",
+ "deprecated": "this version is no longer supported",
+ "dependencies": {
+ "@panva/asn1.js": "^1.0.0"
+ },
+ "engines": {
+ "node": ">=10.13.0"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/panva"
+ }
+ },
 "node_modules/js-sha256": {
 "version": "0.9.0",
 "resolved": "https://registry.npmjs.org/js-sha256/-/js-sha256-0.9.0.tgz",
@@ -21612,6 +21637,11 @@
 }
 }
 },
+ "@panva/asn1.js": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/@panva/asn1.js/-/asn1.js-1.0.0.tgz",
+ "integrity": "sha512-UdkG3mLEqXgnlKsWanWcgb6dOjUzJ+XC5f+aWw30qrtjxeNUSfKX1cd5FBzOaXQumoe9nIqeZUvrRJS03HCCtw=="
+ },
 "@panva/hkdf": {
 "version": "1.1.1",
 "resolved": "https://registry.npmjs.org/@panva/hkdf/-/hkdf-1.1.1.tgz",
@@ -26672,6 +26702,14 @@
 "resolved": "https://registry.npmjs.org/jose/-/jose-4.14.4.tgz",
 "integrity": "sha512-j8GhLiKmUAh+dsFXlX1aJCbt5KMibuKb+d7j1JaOJG6s2UjX1PQlW+OKB/sD4a/5ZYF4RcmYmLSndOoU3Lt/3g=="
 },
+ "jose1": {
+ "version": "npm:jose@1.27.2",
+ "resolved": "https://registry.npmjs.org/jose/-/jose-1.27.2.tgz",
+ "integrity": "sha512-zLIwnMa8dh5A2jFo56KvhiXCaW0hFjdNvG0I5GScL8Wro+/r/SnyIYTbnX3fYztPNSfgQp56sDMHUuS9c3e6bw==",
+ "requires": {
+ "@panva/asn1.js": "^1.0.0"
+ }
+ },
 "js-sha256": {
 "version": "0.9.0",
 "resolved": "https://registry.npmjs.org/js-sha256/-/js-sha256-0.9.0.tgz",
diff --git a/package.json b/package.json
index 9cf9fcfd..ba5ca349 100644
--- a/package.json
+++ b/package.json
@@ -37,6 +37,7 @@
 "graphql": "^16.7.1",
 "graphql-tag": "^2.12.6",
 "graphql-type-json": "^0.3.2",
+ "jose1": "npm:jose@^1.27.2",
 "ln-service": "^56.9.0",
 "mathjs": "^11.9.1",
 "mdast-util-find-and-replace": "^3.0.0",
diff --git a/pages/api/auth/[...nextauth].js b/pages/api/auth/[...nextauth].js
index 840127a1..b9be7136 100644
--- a/pages/api/auth/[...nextauth].js
+++ b/pages/api/auth/[...nextauth].js
@@ -6,8 +6,9 @@ import EmailProvider from 'next-auth/providers/email'
 import prisma from '../../../api/models'
 import nodemailer from 'nodemailer'
 import { PrismaAdapter } from '@auth/prisma-adapter'
-import { getToken } from 'next-auth/jwt'
+import { decode, getToken } from 'next-auth/jwt'
 import { NodeNextRequest } from 'next/dist/server/base-http/node'
+import jose1 from 'jose1'
 function getCallbacks (req) {
 return {
@@ -158,6 +159,38 @@ export const getAuthOptions = req => ({
 session: {
 strategy: 'jwt'
 },
+ jwt: {
+ decode: async ({ token, secret }) => {
+ // attempt to decode using new jwt decode
+ try {
+ const _token = await decode({ token, secret })
+ if (_token) {
+ return _token
+ }
+ } catch (err) {
+ console.log('next-auth v4 jwt decode failed', err)
+ }
+
+ // attempt to decode using old jwt decode from next-auth v3
+ // https://github.com/nextauthjs/next-auth/blob/ab764e379377f9ffd68ff984b163c0edb5fc4bda/src/lib/jwt.js#L52
+ try {
+ const signingKey = jose1.JWK.asKey(JSON.parse(process.env.JWT_SIGNING_PRIVATE_KEY))
+ const verificationOptions = {
+ maxTokenAge: '2592000s',
+ algorithms: ['HS512']
+ }
+ const _token = jose1.JWT.verify(token, signingKey, verificationOptions)
+ if (_token) {
+ console.log('next-auth v3 jwt decode success')
+ return _token
+ }
+ } catch (err) {
+ console.log('next-auth v3 jwt decode failed', err)
+ }
+
+ return null
+ }
+ },
 pages: {
 signIn: '/login',
 verifyRequest: '/email',
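Review bot: The v3 fallback in `jwt.decode` has no removal condition. With `maxTokenAge: '2592000s'`, a token issued before the v4 rollout stops verifying 30 days after it was issued, yet the HS512 path, `JWT_SIGNING_PRIVATE_KEY` and the `jose1` alias stay on the authentication path. The lockfile marks that alias "this version is no longer supported", and the key remains a session-signing credential that has to be protected for as long as the branch exists. I would record the sunset above the second `try`, e.g. `// TODO: remove this v3 fallback and the jose1 dependency 30 days after the v4 rollout; maxTokenAge rejects every pre-rollout token after that`. Separately, `JSON.parse(process.env.JWT_SIGNING_PRIVATE_KEY)` runs inside the `try` on every call, so an unset or malformed variable is logged as 'next-auth v3 jwt decode failed' rather than as a configuration error; parsing the key once at module load would keep the two failures distinct. `getAuthOptions` begins and ends outside this hunk.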