reading-notes

JWT

Intro to JWT

  1. What is a JSON Web Token (JWT)?
    JSON Web Token (JWT) is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.
  2. When should we use JSON Web Tokens?
    JSON Web Tokens should be used for Authorization and Information Exchange.
  3. Claims are expected in which structural component of a JWT?
    Claims are in the payload, which is the second part of the token. The three types of claims are registered, public, and private claims.

Are JWTs Secure?

  1. If I get a JWT and I can decode the payload, how can we call that secure?
  2. If sending a JWT, what must the sender and receiver both know? Hint: it’s appended in the signature.
  3. Explain how concatenated content and secret can be sent and received securely to a non-technical recruiter.

JWTs Explained

  1. Why use JWT?
  2. JWT is Compact and self-contained. Describe how this is useful to a non-technical friend.
  3. What are the three components (the structure) of a JWT signature?