JWT

From IndieWeb
Jump to: navigation, search


JWT (JSON Web Token) is a method of encoding and signing JSON data in a URL-safe string.

While JWT is actually designed to represent auth "claims," it can also serve as a general-purpose signing method ignoring all well-defined property names in the spec.

An example JWT in its encoded format looks like the below:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ
zdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4
gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJ
SMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

Extracting the contents of the above JWT results in the JSON object below:

{
  "sub": "1234567890",
  "name": "John Doe",
  "iat": 1516239022
}

Resources

See Also