JSON Web Tokens (JWT)
JSON Web Token (JWT) is an open standard for representing passing claims securely between two parties as three concatenated base64url-encoded strings of JSON data, joined by dots (
.). JWTs are used for authentication, authorization, and information exchange.
The first string is the JOSE Header, which describes the digital signature or HMAC applied to the second string. The second string is a JWS payload, which contains JSON-encoded claims which are the information to be exchanged. Finally, the third string is a JWS signature that can be used to validate that the header and payload segments were not altered.
Broader Topics Related to JSON Web Tokens (JWT)
The URL-compatible form of base64 encoding
Standards set by the IETF
JSON Object Signing and Encryption (JOSE)
A set of technologies used to encrypt and sign content
JSON Web Signatures (JWS)
A method to represent content secured with digital signatures or MACs using JSON, defined by RFC 7515