kdipaolo/jwt_auth.md

Created October 30, 2018 12:04

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/kdipaolo/7916cc517ea93c7199e550dac6dc6e1d.js"></script>
Save kdipaolo/7916cc517ea93c7199e550dac6dc6e1d to your computer and use it in GitHub Desktop.

Download ZIP

Understanding JSON Web Token Authentication

Raw

jwt_auth.md

JWT

Definition

A JSON Web Token (JWT) is a safe, compact, and self-contained way of transmitting information between multiple parties in the form of a JSON object.

Structure

A JSON Web Token consists of three parts that are separated by a “.”. They are: Header, Payload, Signature

Header

The header typically consists of two parts: the token’s type, and the hashing algorithm that is being used.

{
  "alg": "HS256",
  "typ": "JWT
}

Payload

The payload is where the actual information that we want to send is stored.

{
  "id": "65165751325",
  "name": "Kurt DiPaolo",
  "admin": true
}

Signature

The signature is used to verify that the message was not altered before reaching its destination. This is usually done by using private keys.

https://blog.bitsrc.io/understanding-json-web-token-authentication-a1febf0e15

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment