Awesome Software Engineer

Share this post

What is JWT?

blog.awesomesoftwareengineer.com

What is JWT?

Introduction to JWT

Ray Chong
Jul 1, 2022
2
3
Share this post

What is JWT?

blog.awesomesoftwareengineer.com

What is JWT?

JWT stands for JSON Web Token, it is an open standard used to share security information between two parties.

Basically, a JWT token contains 3 parts:

  1. Header

    Describing the algorithm used in the JWT like HS256, HS512, RS256, etc.

  2. Payload

    Storing the actual data

  3. Signature

    A data signature used to verify whether the data is valid or not

These 3 parts form a JWT token for a client and a server to verify each other. A valid JWT token has 3 parts and is separated by a dot. For example:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

JWT Use Case

JWT is commonly used in API Authentication. We can store the User ID in the JWT token and the client can leverage that token to talk to the server. The server will decode the JWT and read the User ID from the JWT token and verify its identity.

When Not to Use JWT?

  1. Sensitive data

    If you have sensitive data, JWT might not be a good solution for you. When using JWT, we need to store the JWT token on the client-side. People can read the payload by using a JWT decoder like jwt.io. So, don’t use JWT if you have sensitive data.

  2. The size is too large

    Avoid using JWT if your data size is large because it might affect your frontend application. Cookie might not have enough space to store large size of data since it has a size limitation. Also, it will affect API performance as the HTTP request needs to transmit large data to your server.

Thanks for reading Awesome Software Engineer! Subscribe for free to receive new posts and support my work.

3
Share this post

What is JWT?

blog.awesomesoftwareengineer.com
Previous
Next
3 Comments
Peter
Jul 3, 2022Liked by Ray Chong

solid stuff Ray

Expand full comment
Reply
1 reply by Ray Chong
Peter
Jul 3, 2022

solid stuff Ray

Expand full comment
Reply
1 more comment…
TopNewCommunity

No posts

Ready for more?

© 2023 Ray Chong
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing