JWT: Difference between revisions

From Wiki RB4
 
(One intermediate revision by the same user not shown)
Line 5: Line 5:
* <PAYLOAD> tells who is making the request
* <PAYLOAD> tells who is making the request
* <SIGNATURE> ensure the correctness (not tampered, trusted source)
* <SIGNATURE> ensure the correctness (not tampered, trusted source)
** <SIGNATURE> = function(<HEADER>,<PAYLOAD>,<SECRET)
** <SIGNATURE> = function(<HEADER>,<PAYLOAD>,<SECRET>)
** <SECRET> is known by the authentication service and by the application server


===Resources===
===Resources===
* https://jwt.io/ e.g. for decoding
* https://jwt.io/ e.g. for decoding

Latest revision as of 00:13, 19 February 2022

Jason Web Token (JWT)[edit]

  • pronounced as jott
  • consists of
<HEADER>.<PAYLOAD>.<SIGNATURE>
  • <PAYLOAD> tells who is making the request
  • <SIGNATURE> ensure the correctness (not tampered, trusted source)
    • <SIGNATURE> = function(<HEADER>,<PAYLOAD>,<SECRET>)
    • <SECRET> is known by the authentication service and by the application server

Resources[edit]

Retrieved from "http://uweheuer.spdns.de/mediawiki_new/index.php?title=JWT&oldid=9850"