JSON Web Token | jwt
FromWikipedia,thefreeencyclopediaJSON-basedstandardforpassingclaimsbetweenpartiesinwebapplicationenvironmentsJSONWebToken(JWT,pronounced,sameastheword"jot"[1])isaproposedInternetstandardforcreatingdatawithoptionalsignatureand/oroptionalencryptionwhosepayloadholdsJSONthatassertssomenumberofclaims.Thetokensaresignedeitherusingaprivatesecretorapublic/privatekey.Forexample,aservercouldgenerateatokenthathastheclaim"loggedinasadministrator"andprovidethattoaclient.Theclientcouldthenusethattokentopr...
From Wikipedia, the free encyclopedia
JSON-based standard for passing claims between parties in web application environments
JSON Web Token (JWT, pronounced , same as the word "jot"[1]) is a proposed Internet standard for creating data with optional signature and/or optional encryption whose payload holds JSON that asserts some number of claims. The tokens are signed either using a private secret or a public/private key.
For example, a server could generate a token that has the claim "logged in as administrator" and provide that to a client. The client could then use that token to prove that it is logged in as admin. The tokens can be signed by one partys private key (usually the servers) so that any party can subsequently verify whether or not the token is legitimate. If the other party, by some suitable and trustworthy means, is in possession of the corresponding public key, they too are able to verify the tokens legitimacy. The tokens ar...