Create takes claim and jwtkey and returns a signed token.

ValidateScopes takes user scopes and checks if it has the scope which is required for accessing the api.

Verify takes jwt and key and verify if jwt is valid and not expired.

current time.