JWT Authentication - Roadmap - SH

The document provides an overview of JWT (JSON Web Token) authentication, explaining its structure, how it works, and the different types of claims involved. It highlights the token's self-contained nature, which allows it to carry data and be validated using a secret key. Additionally, it mentions the community aspect of roadmap.sh, a resource for developers with a focus on DevOps and cloud-native computing.

Uploaded by

ENGINEERING zone

Kamran Ahmed · Visual Guide

JWT Authentication
Understand what JWT authentication is and how it is implemented

JWT - JSON Web Tokens    @kamranahmedse

Form of token based authentication. Based on an Open Standard (RFC 7519).
Can be used for authorization as well as secure info exchange.

How does it work?

Just like any other token based auth strategy.
Only differentiator is how the token is generated.

Flow shown in the diagram:

1. Generate Token: Username:Password
2. Validate credentials
3. Generate token using secret key
4. JSON Web Token
5. Some secure endpoint, JWT in Header
6. Validate JWT with the secret key
7. Response for the request

Characteristics of the token

Token is just a normal URL-safe string and can be passed to server in header, body or URL.
Token is self contained i.e. carries the data.
Anyone can view the content.

Token has three parts separated by a dot

    XXXXXXXXXX.YYYYYYYYYY.ZZZZZZZZZZ
    header     payload    signature

header

String generated using base64(tokenMeta)
e.g. eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9

TokenMeta

    {
      "typ": "jwt",     - Type of token
      "alg": "HS256"    - hashing algorithm used for the signature part, e.g. in this case SHA256
    }

payload

String generated using base64(ourData), where ourData is the data that we want to embed in the token (aka JWT Claims).
e.g. eyJIc2VuSWQiOiJYRjExLTExMiMiLzaiLCJpY

OurData

    {
      "userId": "XF11-1123",
      "email": "john@doe.com",
      "exp": "1592427938",
      "iat": "1590969600"
    }

These are called claims.

signature

String generated by hashing the header, payload with a secret i.e.

    HMACSHA256(header + "." + payload, 'secret')

secret: held at server and used to generate and verify tokens

There are three types of claims

Registered Claims
Standard names which are reserved for app usage

    iat -> issued at (issuance timestamp)
    iss -> issuer (who issued it, app name for example)
    sub -> token subject
    exp -> expiry time (expiry timestamp)
    aud -> token audience (app URL or some string for example)
    nbf -> not before (timestamp before which token is not usable)
    jti -> unique token identifier (can be used to revoke existing JWT token)

In our sample payload above, we have exp and iat claims.

Public Claims
Claims which we can define and use for our own data e.g. userId, email, above etc.

Private Claims
Names without any meaning to anyone except the consumer and producer of tokens.
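
An added example, not part of the original guide or of roadmap.sh's code: the HS256 sign and verify steps described above, written with Python's standard library, showing that the payload can be read without the secret while any change to it fails verification. The secret, the function names and the unpadded URL-safe base64 encoding are assumptions of this example; the claims reuse the guide's sample payload with numeric timestamps.

```python
import base64, hashlib, hmac, json, time

def b64url(raw: bytes) -> str:
    # JWT segments use the URL-safe base64 alphabet with "=" padding stripped
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mac(signing_input: str, secret: bytes) -> bytes:
    # HMACSHA256(header + "." + payload, secret) over the encoded segments
    return hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()

def sign(claims: dict, secret: bytes) -> str:
    header = {"typ": "JWT", "alg": "HS256"}
    head, body = (b64url(json.dumps(p, separators=(",", ":")).encode())
                  for p in (header, claims))
    signature = b64url(mac(f"{head}.{body}", secret))
    return f"{head}.{body}.{signature}"

def verify(token: str, secret: bytes, now=None) -> dict:
    """Return the claims if the token is authentic and current, else raise ValueError."""
    try:
        head, body, sig_b64 = token.split(".")
        alg = json.loads(b64url_decode(head)).get("alg")
        sig = b64url_decode(sig_b64)
    except Exception as exc:
        raise ValueError("malformed token") from exc
    if alg != "HS256":  # pin the algorithm; the token must not choose its own check
        raise ValueError("unexpected alg")
    if not hmac.compare_digest(sig, mac(f"{head}.{body}", secret)):  # constant time
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(body))  # trusted only after the MAC matched
    now = time.time() if now is None else now
    if "exp" in claims and now >= float(claims["exp"]):
        raise ValueError("token expired")
    if "nbf" in claims and now < float(claims["nbf"]):
        raise ValueError("token not yet valid")
    return claims

def peek(token: str) -> dict:
    # No secret involved: the payload is encoded, not encrypted, so anyone can read it
    return json.loads(b64url_decode(token.split(".")[1]))

# Constructed sample values; the claims mirror the guide's sample payload
SECRET = b"constructed-demo-secret"
CLAIMS = {"userId": "XF11-1123", "email": "john@doe.com",
          "iat": 1590969600, "exp": 1592427938}
TOKEN = sign(CLAIMS, SECRET)
```

Because `peek` works without the secret, nothing confidential belongs in the claims; the signature gives integrity, not secrecy.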
