Uploaded byMayank Patel
Json web token
JSON Web Tokens (JWT) are a secure method for representing claims between two parties, allowing for digital signing and encryption. They are primarily used for authentication and information exchange, enabling features like single sign-on and secure communication. JWTs consist of a header, payload, and signature, offering scalability and security against certain attacks.
More Related Content
![[OPD 2019] Attacking JWT tokens](/proxy?url=https%3A%2F%2Fcdn.slidesharecdn.com%2Fss_thumbnails%2Fattackingjwttokens-191021171156-thumbnail.jpg%3Fwidth%3D640%26height%3D640%26fit%3Dbounds)
![Levis - Water Conservation - No Wash November - [Leo Burnett Internship 2010]](/proxy?url=https%3A%2F%2Fcdn.slidesharecdn.com%2Fss_thumbnails%2Flevispreso-110205081940-phpapp01-thumbnail.jpg%3Fwidth%3D640%26height%3D640%26fit%3Dbounds)
![PHP Experience 2016 - [Palestra] Json Web Token (JWT)](/proxy?url=https%3A%2F%2Fcdn.slidesharecdn.com%2Fss_thumbnails%2F17h00ivanrosolen-160331183444-thumbnail.jpg%3Fwidth%3D640%26height%3D640%26fit%3Dbounds)
Json web token
- 1. JSON Web Token(JWT)
- 2. MAYANK PATEL APPLICATION ARCHITECT- OILDEX, A SERVICE OF TRANSZAP /Linkedin @maxy_ermayank
- 3. What is JWT? JSONWeb Tokens (JWT) are an open, industry standard RFC 7519 method for representing claims securely between two parties.
- 4. A string representinga set of claims as a JSON object that is encoded in a JWS or JWE, enabling the claims to be digitally signed or MACed and/or encrypted.
- 5. When should youuse JSON Web Tokens?
- 6. Authentication This is themost common scenario for using JWT. Once the user is logged in, each subsequent request will include the JWT, allowing the user to access routes, services, and resources that are permitted with that token.
- 7. Authentication (Cont.) Single SignOn is a feature that widely uses JWT nowadays, because of its small overhead and its ability to be easily used across different domains.
- 8. Information Exchange JSON WebTokens are a good way of securely transmitting information between parties, because as they can be signed, for example using public/private key pairs, you can be sure that the senders are who they say they are.
- 9. Information Exchange (Cont.) Additionally,as the signature is calculated using the header and the payload, you can also verify that the content hasn't been tampered with.
- 10. WHAT IS THEJSON WEB TOKEN STRUCTURE? JSON Web Tokens consist of three parts separated by dots (.), which are: Header Payload Signature
- 11.
- 12.
- 13. PROS AND CONS Standard Scalable Stateless Distributable Web,Desktop and Mobile ready A means to provide granular access control Secure against certain kinds of attacks, like CSRF, and many others. 64Bit encoding
- 14. JWT.IO JWT.IO allows youto decode, verify and generate JWT.
- 15. Using JSON WebTokens as API Keys
- 16.
- 17. JSON Web Signature(JWS)
- 18.
- 19.
- 20.
- 21.
- 22. JSON Web Encryption(JWE)
- 23.