JSON Web Tokens (JWTs) are a data format used to send data between the client and the server for authentication or authorization.
They are useful because all of the data is stored on the client side rather than the server side.
JWT Format
A JWT consists of three parts: a header, a payload, and a signature, each separated by a dot.
eyJraWQiOiI5MTM2ZGRiMy1jYjBhLTRhMTktYTA3ZS1lYWRmNWE0NGM4YjUiLCJhbGciOiJSUzI1NiJ9
The Header
is a Base64url-encoded JSON object that contains metadata about the token itself, such as the algorithm (the `alg` field in the example above).
The Payload
is a Base64url-encoded JSON object that contains the actual data.
The Signature
The signature is generated by hashing the header and the payload and then encrypting that hash with the server's secret key.
Because the signature is derived directly from the header and the payload, changing a single byte of either one results in a mismatched signature, which is how the token's integrity is maintained.
Integrity means that the data is not modified by an unauthorized party while it is being transferred.
Without knowing the server’s secret key, it shouldn’t be possible to generate the…
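As an added example (not part of the original story), the following stdlib-only Python code works through the three-part format: it decodes the header segment shown above, builds and verifies a token, and shows that altering a single claim in the payload makes the existing signature fail verification. It assumes HS256 (HMAC-SHA256) rather than the RS256 in the page's header so that no extra libraries are needed; the key and claims are constructed sample values.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Header segment copied from the page; the page does not show the other two segments.
PAGE_HEADER = "eyJraWQiOiI5MTM2ZGRiMy1jYjBhLTRhMTktYTA3ZS1lYWRmNWE0NGM4YjUiLCJhbGciOiJSUzI1NiJ9"


def b64url_encode(raw: bytes) -> str:
    # JWT segments use base64url without '=' padding
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def b64url_decode(segment: str) -> bytes:
    # restore the padding the token strips off before decoding
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_header(segment: str) -> dict:
    return json.loads(b64url_decode(segment))


def sign_hs256(header: dict, payload: dict, key: bytes) -> str:
    # the signing input is "<b64url header>.<b64url payload>"; the signature is appended as a third segment
    segments = [b64url_encode(json.dumps(part, separators=(",", ":")).encode()) for part in (header, payload)]
    signing_input = ".".join(segments)
    signature = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(signature)


def verify_hs256(token: str, key: bytes) -> Optional[dict]:
    # returns the payload only if the structure, the algorithm and the signature all check out
    try:
        h, p, s = token.split(".")
        if decode_header(h).get("alg") != "HS256":  # accept only the algorithm we expect
            return None
        expected = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64url_decode(s)):
            return None
        return json.loads(b64url_decode(p))
    except ValueError:  # malformed segments or JSON (binascii.Error is a ValueError)
        return None


def change_claim(token: str, claim: str, value) -> str:
    # re-encodes the payload with one changed claim but keeps the original signature,
    # which is the tampering the signature exists to detect
    h, p, s = token.split(".")
    payload = json.loads(b64url_decode(p))
    payload[claim] = value
    return h + "." + b64url_encode(json.dumps(payload, separators=(",", ":")).encode()) + "." + s
```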