An open industry standard called JSON Web Token is used to exchange data between two entities, often a client (like the front end of your app) and a server (like the back end of your app). They…

InfoSecWriteUps' platform is  dedicated to providing insights and resources for cybersecurity professionals and enthusiasts. Through articles, tutorials, and security research, InfoSecWriteUps offers insights into cybersecurity vulnerabilities, attack techniques, and defense strategies. Readers can learn about penetration testing, threat intelligence, and incident response to enhance their cybersecurity knowledge and skills.

InfoSec Write-ups

Each JWT is additionally signed using cryptography (hashing) to ensure that the contents of the JWT cannot be changed by the client or an unsavory party. The JWT will be delivered as a parameter or authorization header from the user agent whenever the user tries to access a protected resource, such as an API or a protected route.

JSON Web Tokens

How is signature is used to ensure Authentication

What If I Want to Encrypt My Tokens Anyway?

<p>Awesome read! Really gives a good and easy to understand of JWT and how it works!</p>
