๐ŸŽ New User? Get 20% off your first purchase with code NEWUSER20 ยท โšก Instant download ยท ๐Ÿ”’ Secure checkout Register Now โ†’
Menu

Categories

Security Intermediate

What is JWT (JSON Web Token)?

A compact, self-contained token format used for securely transmitting information between parties as a JSON object.

JWTs consist of three Base64-encoded parts: header (algorithm), payload (claims/data), and signature (verification). They are commonly used for authentication โ€” after login, the server issues a JWT that the client includes in subsequent requests.

JWTs are stateless (no server-side session needed) and can carry user data. Security considerations include short expiration times, secure storage, HTTPS-only transmission, and proper signature verification.

Related Terms

Security Hardening
The process of reducing a system's attack surface by disabling unnecessary services, applying patches, and configuring security controls.
Supply Chain Attack
A cyberattack that targets less-secure elements in the software supply chain to compromise downstream users and organizations.
Certificate Pinning
A security technique that associates a host with its expected TLS certificate or public key, preventing man-in-the-middle attacks with fraudulent certificates.
OWASP Top 10
A regularly updated list of the ten most critical web application security risks, published by the Open Web Application Security Project.
Encryption
The process of converting readable data into an unreadable format using algorithms, reversible only with the correct key.
Content Security Policy (CSP)
An HTTP security header that controls which resources a browser is allowed to load for a web page, preventing XSS and data injection.
View All Security Terms โ†’