Section: IT & Technology · Web Development
Difficulty: Medium

JWT

JSON Web Token — a compact, self-contained token for securely transmitting information between parties.

Also: JSON Web Token

Definition

JSON Web Token (JWT) is an open standard (RFC 7519) for securely transmitting information between parties as a JSON object. JWTs are digitally signed (using HMAC or RSA) and can optionally be encrypted. A JWT consists of three Base64url-encoded parts separated by dots: header (algorithm info), payload (claims like user ID and expiration), and signature. Encoding is not encryption: unless the token is encrypted, anyone who holds it can read the payload, and the signature only protects it against modification. JWTs are stateless: servers do not need to store session data because the token itself contains all necessary information.

Example

After login, a server issues a JWT containing the user's ID and roles; the client sends this token with every API request, and the server validates it without a database lookup.

Synonyms

  • access token
  • bearer token
  • authentication token
  • signed token

Antonyms / Opposites

  • session cookie
  • server-side session

Video

  • oauth
  • authentication
  • session
  • api
