Add a new property "skipSignatureAndExpirationCheck" with a default value of false to security.yml. When skipSignatureAndExpirationCheck is true, then add code to skip token validation – and ONLY skip token validation... JWTVerifier must still execute ALL OTHER existing functions.