IN28MINUTES

Understanding jwt token

Nov 12, 2020
2 minute read

Image Image

Understanding JWT token

Greetings from in28minutes.com. In this read, we will take a look at the basic overview to JWT (i.e. JSON Web tokens).

What is the JWT token?

JSON Web tokes also known as “jot” are the easy to send read-only signed “claims” between the different services. Claims in the jot token are the bits of user data that is required by someone else for the verification purpose but not alter it. These claims in the JWT token are signed by a key for the protection purpose

How the JWT token looks like?

The JWT token structure consists of three parts i.e. Header, Payload, and Signature separate by a period (.) symbol.

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9           // Header
.eyJrZXkiOiJ2YWwiLCJpYXQiOjE0MjI2MDU0NDV9      // Payload
.eUiabuiKv-8PYk2AkGY4Fb5KMZeorYBLw261JPQD5lM   // Signature

Let us go ahead and understand each part in a little brief -

  • Header - It is the first encoded string part of the jot token that describes the token along with the hashing algorithm uses
  • Payload - It is the second encoded string part of the jot token that describes the token core. It basically contains the data you want to store in the jot token. It contains information like the audience, subject, token expiration time, etc
  • Signature - It is the final encoded string part of the jot token that describes a signature generated based on the header and the payload and will be used to verify whether the jot token is valid or not

Claims in JWT token?

Claims are the predefined key and their values in the JWT/jot token -

  1. iss - Refer to the issuer of the jot token
  2. exp - Refer to the expiration time (in seconds) of the jot token
  3. iat - Refer to the issuance time of the jwt token. Can be used to determine the age of the jot token
  4. nbf - Refer to the field in the jwt token that determines the future time when the jot token will become active
  5. sub - Refer to the subject field
  6. aud - Refer to the audience field
  7. jti - Refer to the unique identifier of the jot token so that the token can’t be reused

In case you would like to read more take a look at this link.

ROADMAPS - Cloud, DevOps & FullStack

SEE what 1 MILLION Learners are learning - https://github.com/in28minutes/roadmaps

FREE Cloud & DevOps Challenge

Start Learning Cloud and DevOps for FREE in 5 DAYS - https://links.in28minutes.com/5-day-cloud



Related Posts

Single sign-on workflow

Let us understand the single sign-on workflow

Oauth2.0 - Resource Owner Password Credentials grant workflow

Let us understand the Oauth2.0 Resource Owner Password Credentials grant workflow

Oauth2.0 - Implicit grant workflow

Let us understand the Oauth2.0 implicit grant workflow

Oauth2.0 - Client Credentials grant workflow

Let us understand the Oauth2.0 client credentials grant workflow

Oauth2.0 - Authorization grant workflow

Let us understand the Oauth2.0 authorization grant workflow

Writing Integration Tests for Rest Services with Spring Boot

Setting up a basic REST Service with Spring Boot is a cake walk. We will go one step further and add great integration tests!

Integrating Spring Boot and Spring JDBC with H2 and Starter JDBC

Learn using Spring Boot Starter JDBC to connect Spring Boot to H2 (in memory database) using Spring JDBC. You will create a simple project with Spring Boot. You will add code to the project to connect to a database using Spring JDBC. You will learn to implement the basic CRUD methods.

JUnit Tutorial for Beginners in 5 Steps

JUnit Tutorial for Beginners in 5 Steps. Setting up a basic JUnit example and understanding the basics of junit.

JPA and Hibernate Tutorial For Beginners - 10 Steps with Spring Boot and H2

JPA and Hibernate in 10 Steps with H2 - Setting up a basic project example with Spring Boot and in memory database H2. Its a cake walk.

Spring Boot Tutorial For Beginners in 10 Steps

Introduction to Spring Boot in 10 Steps. Learn the basics of Spring Boot setting up a basic project example with Spring Boot.

Search