JSON Web Tokens (JWTs)
Read about JWTs - a method of securing data exchanges
Overview
After your user authenticates, the AuthN service can send you JWTs - which include the same data as the example above but in a different format. The format includes:
- A header - A response header that indicates the intention for the request
- A payload - Contains who the user is and what they can do
- A signature - Verifies that the token is valid
JWTs returned by the AuthN service are Base64 encoded, and you will need a JWT library to decode them.
Basics
In general, a JWT contains three components (header, payload, and signature) and is self-contained. Self-contained means that a server receiving a JWT can use the token details in the JWT's payload alone for verification, without having to make other calls.