@kdipaolo
Created October 30, 2018 12:04
Understanding JSON Web Token Authentication

JWT

Definition

A JSON Web Token (JWT) is a safe, compact, and self-contained way of transmitting information between multiple parties in the form of a JSON object.

Structure

A JSON Web Token consists of three parts separated by a “.”: the Header, the Payload, and the Signature.

Header

The header typically consists of two parts: the token’s type and the hashing algorithm that is used to sign it.

{
  "alg": "HS256",
  "typ": "JWT"
}

Payload

The payload is where the actual information that we want to send is stored.

{
  "id": "65165751325",
  "name": "Kurt DiPaolo",
  "admin": true
}

Signature

The signature is used to verify that the message was not altered before reaching its destination. This is usually done by using private keys.
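The three parts described above, assembled and verified by hand for the HS256 header shown earlier. This is an added example, not code from the original gist; the secret, the function names, and the `admin: false` starting value are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json

SECRET = b"constructed-demo-secret"  # constructed sample key (assumption)


def b64url_encode(raw: bytes) -> str:
    # JWT parts are base64url without '=' padding: encoded, not encrypted
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign(payload: dict, secret: bytes) -> str:
    header = {"alg": "HS256", "typ": "JWT"}
    parts = [b64url_encode(json.dumps(o, separators=(",", ":")).encode())
             for o in (header, payload)]
    mac = hmac.new(secret, ".".join(parts).encode(), hashlib.sha256).digest()
    return ".".join(parts + [b64url_encode(mac)])


def verify(token: str, secret: bytes):
    """Return the payload dict if the signature checks out, else None."""
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64url_decode(head))
        # Pin the algorithm server-side instead of trusting the header's choice
        if not isinstance(header, dict) or header.get("alg") != "HS256":
            return None
        mac = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(mac, b64url_decode(sig)):  # constant-time
            return None
        return json.loads(b64url_decode(body))
    except ValueError:  # wrong part count, bad base64, bad JSON
        return None


def tamper(token: str) -> str:
    # Edit the readable payload without the key, reusing the old signature
    head, body, sig = token.split(".")
    claims = json.loads(b64url_decode(body))
    claims["admin"] = True
    return ".".join([head, b64url_encode(json.dumps(claims).encode()), sig])
```

Anyone holding the token can decode the payload, so the signature protects integrity only; `verify(tamper(token), SECRET)` returns `None` because the signature no longer matches the altered payload.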

https://blog.bitsrc.io/understanding-json-web-token-authentication-a1febf0e15
