What is JWT?

JWT (JSON Web Token) is a standard that defines a way to securely transmit information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA.

Why use JWT?

JWTs are commonly used by organizations that have multiple applications or domains. Their users need to be authenticated once and then be authorized to access multiple applications, domains, or resources of that organization.

What does a JWT look like?

A JWT is a string of three parts separated by dots, in the following format:

header.payload.signature

  • The header component contains information about how the JWT signature should be computed.
  • The payload component is the data that is stored inside the JWT. This can be user information such as user ID, name and email.
  • The signature component is created by taking the encoded header, the encoded payload and a secret, and signing them with the algorithm specified in the header.

To encode and decode JWTs, we will use a library called PHP-JWT.
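The three parts described above can be built and checked by hand using only PHP built-ins. This is an added example, not code from PHP-JWT or from the original page; the function names (`b64url_encode`, `b64url_decode`, `jwt_sign`, `jwt_verify`), the secret and the claims are hypothetical, and only HMAC-SHA256 (`HS256`) is handled.

```php
<?php
// Constructed demo: an HS256 JWT assembled from its three parts.
// The payload is only base64url-encoded, not encrypted: keep secrets out of it.
function b64url_encode(string $data): string {
    return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
}

// Returns the decoded bytes, or false when the input is not valid base64url.
function b64url_decode(string $data) {
    $pad = (4 - strlen($data) % 4) % 4;
    return base64_decode(strtr($data, '-_', '+/') . str_repeat('=', $pad), true);
}

function jwt_sign(array $payload, string $secret): string {
    $header = ['typ' => 'JWT', 'alg' => 'HS256'];
    $input = b64url_encode(json_encode($header)) . '.' . b64url_encode(json_encode($payload));
    return $input . '.' . b64url_encode(hash_hmac('sha256', $input, $secret, true));
}

// Returns the claims when the token is valid, or null when it must be rejected.
function jwt_verify(string $jwt, string $secret): ?array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) return null;
    [$h, $p, $s] = $parts;
    $header = json_decode((string) b64url_decode($h), true);
    // Pin the algorithm: the token's own header must not choose how it is verified.
    if (!is_array($header) || ($header['alg'] ?? null) !== 'HS256') return null;
    $given = b64url_decode($s);
    $expected = hash_hmac('sha256', "$h.$p", $secret, true);
    // hash_equals compares in constant time, avoiding a timing side channel.
    if ($given === false || !hash_equals($expected, $given)) return null;
    $payload = json_decode((string) b64url_decode($p), true);
    if (!is_array($payload)) return null;
    // Reject tokens whose expiry claim has passed.
    if (isset($payload['exp']) && time() >= (int) $payload['exp']) return null;
    return $payload;
}

$secret = 'constructed-demo-secret';  // sample value; use a long random key in practice
$claims = ['sub' => 'user-123', 'email' => 'alice@example.com', 'exp' => time() + 300];
$token = jwt_sign($claims, $secret);
echo $token, PHP_EOL;
var_dump(jwt_verify($token, $secret));

// Swap in a different payload while keeping the original signature.
[$h, $p, $s] = explode('.', $token);
$forged = $h . '.' . b64url_encode(json_encode(['sub' => 'admin'])) . '.' . $s;
var_dump(jwt_verify($forged, $secret));
```

The first `var_dump` shows the original claims; the second shows that a token with a changed payload fails signature verification.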
