July 2017
Beginner to intermediate
340 pages
7h 43m
English
Content preview from Python Microservices Development
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
The JWT standard
The JSON Web Token (JWT) described in RFC 7519 (https://tools.ietf.org/html/rfc7519) is a standard that is commonly used to represent tokens.
Tokens are, in that case, a long string composed of three dot-separated parts:
- Header: This provides info on the token, such as which hashing algorithm is used
- Payload: This is the actual data
- Signature: This is a signed hash of the token to check that it's legitimate
JWT tokens are base64 encoded so they can be used in query strings.
Here's a JWT token in its encoded form:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoidGFyZWsifQ.OeMWz6ahNsf-TKg8LQNdNMnFHNtReb0x3NMs0eY64WA
Each part in the token above is separated by a line break for display purpose. The original token is a ...