Overview

JSON Web Token (JWT) used to securely transmit information between parties using JSON.

Structure of a JWT:

Each section is base 64 encoded.

Most implementations use signed, but not encrypted (JWE) tokens.

Header

Contains algorithm and token type.

Algorithm examples: HMAC, HS256, RSA.

Token type examples: JWT.

Payload

Stores claims, which are statements about an entity. Probably information about the user in the exchange.

{
	"name": "Walter White",
	"email": "[email protected]",
	"exp": "123456789",
	"sub": "987654321"
}

Types of claims: