May 11, 2024
3 minute read
JSON Web Token, or JWT, is a JSON-based open standard for representing claims securely between two parties, known as the issuer and the subject, as a JSON object. Tokens can be used in various scenarios, such as authentication, authorization, information exchange, or any other scenario that requires proof of a claim made about a subject.
Origins and Structure
JWTs were initially proposed in 2015 and are defined in RFC 7519. A JWT consists of three parts, separated by periods:
-
Header: The header contains metadata about the token, including the token's type and the signing algorithm used.
-
Payload: The payload contains the claims about the subject, such as the user's name, email address, or other information.
-
Signature: The signature is created using the header and payload, along with a secret key known only to the issuer, using the signing algorithm specified in the header.
Working of JWT
gmdj0p|
Find a path to becoming a JSON Web Token (JWT). Learn more at:
OpenCourser.com/topic/gmdj0p/json
Reading list
We've selected four books
that we think will supplement your
learning. Use these to
develop background knowledge, enrich your coursework, and gain a
deeper understanding of the topics covered in
JSON Web Token (JWT).
A more in-depth book on JWTs that covers advanced topics such as using JWTs with different programming languages and integrating JWTs with other security technologies.
A comprehensive tutorial on JWTs that covers the basics, including the structure of JWTs, how to create and verify them, and how to use them in applications.
A book on securing web APIs with JWTs that covers topics such as creating and verifying JWTs, and using JWTs with different programming languages.
A book on building APIs with Node.js and MongoDB that includes a chapter on securing APIs with JWTs.
For more information about how these books relate to this course, visit:
OpenCourser.com/topic/gmdj0p/json