DEV Community

What is a JSON Web Token?

Anja
Software Engineer | Linux fan | lawyer | Sharing what I'm learning 😊
・1 min read

What is a JSON Web Token (JWT)? It is used for authorization and makes sure that the user who sends a request to an app is the same person who logged in before. It can be used as an alternative to sessions. This is how it works:

  1. The user tries to log in
  2. The server checks if the login data is correct, and if so, it creates a JWT (signed with a secret key) and sends it back to the user
  3. The user sends another request with the JWT
  4. The server checks if the JWT is correct and the user is allowed to access that resource. If yes, it sends the response with the desired info to the user

The JWT doesn't get stored on the server side; the server always applies its algorithm to check it on the fly. If you want to learn more, check out this video: https://www.youtube.com/watch?v=7Q17ubqLfaM&feature=youtu.be
