JWT: Difference between revisions
| (4 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
* consists of | * consists of | ||
<HEADER>.<PAYLOAD>.<SIGNATURE> | <HEADER>.<PAYLOAD>.<SIGNATURE> | ||
* <PAYLOAD> tells who is making the request | |||
* <SIGNATURE> ensure the correctness (not tampered, trusted source) | |||
** <SIGNATURE> = function(<HEADER>,<PAYLOAD>,<SECRET>) | |||
** <SECRET> is known by the authentication service and by the application server | |||
===Resources=== | |||
* https://jwt.io/ e.g. for decoding | |||
Latest revision as of 00:13, 19 February 2022
Jason Web Token (JWT)[edit]
- pronounced as jott
- consists of
<HEADER>.<PAYLOAD>.<SIGNATURE>
- <PAYLOAD> tells who is making the request
- <SIGNATURE> ensure the correctness (not tampered, trusted source)
- <SIGNATURE> = function(<HEADER>,<PAYLOAD>,<SECRET>)
- <SECRET> is known by the authentication service and by the application server
Resources[edit]
- https://jwt.io/ e.g. for decoding