Json web token

•

3 likes•3,003 views

What is JWT? When should you use JSON Web Tokens? WHAT IS THE JSON WEB TOKEN STRUCTURE? JWT Process PROS AND CONS JWT.IO Using JSON Web Tokens as API Keys

Technology

MAYANK PATEL
APPLICATION ARCHITECT - OILDEX, A SERVICE OF TRANSZAP
/Linkedin @maxy_ermayank

What is JWT?
JSON Web Tokens (JWT) are an open,
industry standard RFC 7519 method for
representing claims securely between two
parties.

A string representing a set of claims as a JSON
object that is encoded in a JWS or JWE,
enabling the claims to be digitally signed or
MACed and/or encrypted.

Authentication
This is the most common scenario for using
JWT. Once the user is logged in, each
subsequent request will include the JWT,
allowing the user to access routes, services,
and resources that are permitted with that
token.

Authentication (Cont.)
Single Sign On is a feature that widely uses
JWT nowadays, because of its small overhead
and its ability to be easily used across
different domains.

Information Exchange
JSON Web Tokens are a good way of securely
transmitting information between parties,
because as they can be signed, for example
using public/private key pairs, you can be sure
that the senders are who they say they are.

Information Exchange (Cont.)
Additionally, as the signature is calculated
using the header and the payload, you can
also verify that the content hasn't been
tampered with.

WHAT IS THE JSON WEB TOKEN STRUCTURE?
JSON Web Tokens consist of three parts separated by dots (.),
which are:
Header
Payload
Signature

PROS AND CONS
Standard
Scalable
Stateless
Distributable
Web, Desktop and Mobile ready
A means to provide granular access control
Secure against certain kinds of attacks, like CSRF, and
many others.
64Bit encoding

JWT.IO
JWT.IO allows you to decode, verify and
generate JWT.

What's hot

Introduction to JWT and How to integrate with Spring SecurityBruno Henrique Rother

Modern API Security with JSON Web TokensJonathan LeBlanc

Token Authentication in ASP.NET CoreStormpath

Use Node.js to create a REST APIFabien Vauchelles

Json web tokensElieHannouch

[OPD 2019] Attacking JWT tokensOWASP

Spring security oauth2axykim00

FIWARE Identity Management and Access ControlFIWARE

Authenticating Angular Apps with JWTJennifer Estrada

RESTful Web ServicesChristopher Bartling

OAuth2 - IntroductionKnoldus Inc.

Spring I/O 2012: Natural Templating in Spring MVC with ThymeleafThymeleaf

Lecture 3: Servlets - Session ManagementFahad Golra

Node js introductionJoseph de Castelnau

OAuth 2.0Uwe Friedrichsen

Building Advanced XSS VectorsRodolfo Assis (Brute)

OpenID Connect ExplainedVladimir Dzhuvinov

Introduction to the Web APIBrad Genereaux

ASP.NET Web APIhabib_786

WAF Bypass Techniques - Using HTTP Standard and Web Servers’ BehaviourSoroush Dalili

What's hot (20)

Introduction to JWT and How to integrate with Spring Security

Modern API Security with JSON Web Tokens

Token Authentication in ASP.NET Core

Use Node.js to create a REST API

Json web tokens

[OPD 2019] Attacking JWT tokens

Spring security oauth2

FIWARE Identity Management and Access Control

Authenticating Angular Apps with JWT

RESTful Web Services

OAuth2 - Introduction

Spring I/O 2012: Natural Templating in Spring MVC with Thymeleaf

Lecture 3: Servlets - Session Management

Node js introduction

OAuth 2.0

Building Advanced XSS Vectors

OpenID Connect Explained

Introduction to the Web API

ASP.NET Web API

WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour

Viewers also liked

JWT Ukraine 150 Anniversary PresentationJ. Walter Thompson Ukraine

Gert Pauwels St CannekeStephanie1301

JwtCasper Brazier

JWT AnxietyIndex: Egypt (November 2010)J. Walter Thompson Intelligence

DMI Stefan Moritz May 2011Stefan Moritz

Laced souls, a sneaker documentary backupCasper Brazier

Tony Soares PortfolioTonySoares

Leo BurnettWendy Marshall

Middleware in Golang: InVision's RyeCale Hoopes

Social-shop-research-overviewLeo Burnett

Meet OgilvyLauren Moss

Designing for real world participation and social interactionAndrew Barrie

Levis - Water Conservation - No Wash November - [Leo Burnett Internship 2010]Jake Szymanski

Prototyping at the speed of cultureSami Viitamäki

Leo-Burnett!mridu2903

Nicolas Bordas - TBWA - HUBFORUM Paris 2013 HUB INSTITUTE

DEL STORYTELLING AL STORYDOINGMelvin Peña

TBWA quote compilation on change on mad-blog.commad blog

Sylvie Dewaele - Storytelling vs. StorydoingSanoma Belgium

Business design, Miša Lukić, Leo Burnett Srbija, MQ konferenca, 14. November ...Zdruzenje_Manager

Viewers also liked (20)

JWT Ukraine 150 Anniversary Presentation

Gert Pauwels St Canneke

Jwt

JWT AnxietyIndex: Egypt (November 2010)

DMI Stefan Moritz May 2011

Laced souls, a sneaker documentary backup

Tony Soares Portfolio

Leo Burnett

Middleware in Golang: InVision's Rye

Social-shop-research-overview

Meet Ogilvy

Designing for real world participation and social interaction

Levis - Water Conservation - No Wash November - [Leo Burnett Internship 2010]

Prototyping at the speed of culture

Leo-Burnett!

Nicolas Bordas - TBWA - HUBFORUM Paris 2013

DEL STORYTELLING AL STORYDOING

TBWA quote compilation on change on mad-blog.com

Sylvie Dewaele - Storytelling vs. Storydoing

Business design, Miša Lukić, Leo Burnett Srbija, MQ konferenca, 14. November ...

Similar to Json web token

Uniface Lectures Webinar - Application & Infrastructure Security - JSON Web T...Uniface

Jwt with flask slide deck - alan swensonJeffrey Clark

Jwt the complete guide to json web tokensremayssat

Webinar – Blockchain, NFT, Crypto & DeFi – A Primer for these exciting develo...Zeeve

Json web tokensThirupathiReddy Vajjala

Web servicesAkshay Ballarpure

Authorization Using JWTsForgeRock Identity Tech Talks

Overview on BlockchainRaviteja Avadhanula

Uport a blockchain platform for self-sovereign identityIan Beckett

JwtFrank Linehan

Blockchainvrkhandelwal

Solo ConceptMozoProject

Cto enggary wang

LayerZero_Whitepaper_Release.pdfHunhKhnhLong

Introduction to Ethereum Blockchain & Smart ContractThanh Nguyen

Introduction to Blockchain TechnologyMd. Hasan Basri (Angel)

D1-3-SignalingOleg Levy

5 easy steps to understanding json web tokens (jwt)Amit Gupta

Blockchain DeFi Innovation Insights from PatentsAlex G. Lee, Ph.D. Esq. CLP

Micro Web Service - Slim and JWTTuyen Vuong

Similar to Json web token (20)

Uniface Lectures Webinar - Application & Infrastructure Security - JSON Web T...

Jwt with flask slide deck - alan swenson

Jwt the complete guide to json web tokens

Webinar – Blockchain, NFT, Crypto & DeFi – A Primer for these exciting develo...

Json web tokens

Web services

Authorization Using JWTs

Overview on Blockchain

Uport a blockchain platform for self-sovereign identity

Jwt

Blockchain

Solo Concept

Cto eng

LayerZero_Whitepaper_Release.pdf

Introduction to Ethereum Blockchain & Smart Contract

Introduction to Blockchain Technology

D1-3-Signaling

5 easy steps to understanding json web tokens (jwt)

Blockchain DeFi Innovation Insights from Patents

Micro Web Service - Slim and JWT

Recently uploaded

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia

Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies

TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc

From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal

Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi

Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700

Salesforce Community Group Quito, Salesforce 101Paola De la Torre

Partners Life - Insurer Innovation Award 2024The Digital Insurer

How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes

Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2

GenCyber Cyber Security Day PresentationMichael W. Hawkins

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j

Presentation on how to chat with PDF using ChatGPT code interpreternaman860154

The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los

Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge

CNv6 Instructor Chapter 6 Quality of Servicegiselly40

Developing An App To Navigate The Roads of BrazilV3cube

Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK

Recently uploaded (20)

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...

Factors to Consider When Choosing Accounts Payable Services Providers.pptx

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams

Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...

Salesforce Community Group Quito, Salesforce 101

Partners Life - Insurer Innovation Award 2024

How to Troubleshoot Apps for the Modern Connected Worker

Exploring the Future Potential of AI-Enabled Smartphone Processors

GenCyber Cyber Security Day Presentation

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Presentation on how to chat with PDF using ChatGPT code interpreter

The 7 Things I Know About Cyber Security After 25 Years | April 2024

Driving Behavioral Change for Information Management through Data-Driven Gree...

CNv6 Instructor Chapter 6 Quality of Service

Developing An App To Navigate The Roads of Brazil

Unblocking The Main Thread Solving ANRs and Frozen Frames

Json web token

1. JSON Web Token (JWT)

2. MAYANK PATEL APPLICATION ARCHITECT - OILDEX, A SERVICE OF TRANSZAP /Linkedin @maxy_ermayank

3. What is JWT? JSON Web Tokens (JWT) are an open, industry standard RFC 7519 method for representing claims securely between two parties.

4. A string representing a set of claims as a JSON object that is encoded in a JWS or JWE, enabling the claims to be digitally signed or MACed and/or encrypted.

5. When should you use JSON Web Tokens?

6. Authentication This is the most common scenario for using JWT. Once the user is logged in, each subsequent request will include the JWT, allowing the user to access routes, services, and resources that are permitted with that token.

7. Authentication (Cont.) Single Sign On is a feature that widely uses JWT nowadays, because of its small overhead and its ability to be easily used across different domains.

8. Information Exchange JSON Web Tokens are a good way of securely transmitting information between parties, because as they can be signed, for example using public/private key pairs, you can be sure that the senders are who they say they are.

9. Information Exchange (Cont.) Additionally, as the signature is calculated using the header and the payload, you can also verify that the content hasn't been tampered with.

10. WHAT IS THE JSON WEB TOKEN STRUCTURE? JSON Web Tokens consist of three parts separated by dots (.), which are: Header Payload Signature

11. Example xxxxx.yyyyy.zzzzz

12. JWT Process

13. PROS AND CONS Standard Scalable Stateless Distributable Web, Desktop and Mobile ready A means to provide granular access control Secure against certain kinds of attacks, like CSRF, and many others. 64Bit encoding

14. JWT.IO JWT.IO allows you to decode, verify and generate JWT.

15. Using JSON Web Tokens as API Keys

16. Glossary

17. JSON Web Signature (JWS)

18. Digital Signature

19. Message Authentication Code (MAC)

20. JWS Compact Serialization

21. JWS Payload

22. JSON Web Encryption (JWE)

23. Thank You!!!