An introduction to JSON Web Tokens (JWTs).
Thread🧵
Thread🧵
JSON Web Token (JWT) is a standard that defines a way of securely transmitting data as JSON objects between parties.
JWTs can be used as a method of securing API data.
JWTs can be used as a method of securing API data.
A JWT is essentially a string made of three parts. Once decoded, you get two JSON strings that contain the three components of a JWT:
1. Header and Payload
2. Signature
1. Header and Payload
2. Signature
Data exchanged by JWTs is secure because of their digital signature using either a secret or a private key.
The receiver of the JWT verifies the signature to ensure the token hasn't been altered after the issuer signs it.
The receiver of the JWT verifies the signature to ensure the token hasn't been altered after the issuer signs it.
📌 Function of JWTs
Their primary purpose is user-level authentication and authorization in data exchange.
Once a user logs in with their credentials, a JWT is returned and sent with every further request. JWTs are commonly used in Single Sign-on features.
Their primary purpose is user-level authentication and authorization in data exchange.
Once a user logs in with their credentials, a JWT is returned and sent with every further request. JWTs are commonly used in Single Sign-on features.
JWT structure and their ability to be signed ensures that the senders can be securely verified and content remains unaltered.
It also means the server is queried only once, and further requests are authenticated using the JWT.
It also means the server is queried only once, and further requests are authenticated using the JWT.
Thanks for reading! Follow @Rapid_API for more exclusive content. 🐙💙
Loading suggestions...