"JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.
JWT.IO allows you to decode, verify and generate JWT."
HEADER:ALGORITHM & TOKEN TYPE
{
"alg": "HS256",
"typ": "JWT"
}
PAYLOAD:DATA
{
"sub": "1234567890",
"name": "John Doe",
"admin": true
}
VERIFY SIGNATURE
HMACSHA256(
base64UrlEncode(header) + "." +
base64UrlEncode(payload),
) secret
base64 encoded, separated by dots
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
course: Introduction to OAuth2, OpenID Connect and JSON Web Tokens (JWT) | Pluralsight
The Anatomy of a JSON Web Token | Scotch
JSON Web Token - Wikipedia, the free encyclopedia
course: Introduction to OAuth2, OpenID Connect and JSON Web Tokens (JWT) | Pluralsight
The Anatomy of a JSON Web Token | Scotch
JSON Web Token - Wikipedia, the free encyclopedia