From the course: JavaScript: Security Essentials

Overview of JWT

- [Instructor] JWT or JSON Web Token is an open standard that is used to securely transmit information in between parties. If you want to follow along, go to jwt.io and scroll down to this section right here. Basically, the JSON object primarily consists of three items, a header, the payload, and the signature. The header has usually two parts, the type of token, and the hashing algorithm used to encrypt the token. So if you want to change the algorithm for the hashing, you can actually select it here if you want. And when you actually do these things with an application or service like Auth0, you can actually select these things. Then the payload consists of the metadata from the request party that is required from the server. Some typical information you'll see in the payload are issuer of the request, expiration, name, et cetera. Finally, the signature is what proves the requester is who he says he is, and is how the request is properly validated. Services like Auth0 use JWT, and we'll take a look at it in the next video. In fact, the JWT documentation was crafted by the author team. So why use JWT? This is the best way to securely transmit information across parties on the web. So the payload could be used for any type of information you'd like to transmit from two parties. And quite evidently, this can be used to authenticate a user. So when the user is registered to a site, then the token will be used to validate the user as he makes several requests for data.
