JWT (JSON Web Tokens) - vignesh01105/UserLoginSystem GitHub Wiki

Use case

  1. Users don't want to send credentials every time they access resources in the application.
  2. Rather than sending credentials, the user can send a JWT to the server, saying in effect: this is my token, please validate it and send the response.

JWT Elements

  • Payload (user data, such as issue and expiry)
  • Header (the algorithm used)
  • Data Signature

How to use JWT

  1. When the user logs in, the client sends the credentials to the server for validation.
  2. In response, the server generates a JWT and sends it back to the client.
  3. When the client sends its next request, it adds the JWT to that request.
  4. The server validates the token and sends back the response.
  5. This methodology is mainly focused on accountability, not secrets.
  6. If you want the token to be kept secret, use HTTPS.