JSON Web tokens (JWTs) are used to authenticate APIs in a secure, stateless way. But they are sometimes misused. If you attend this talk, you'll know when to use JWTs, which signing algorithm to use, and why JWTs exist. You'll also learn about how to validate a JWT, and why you need to do so before you ever accept the payload of a JWT.


Comments are closed.

TJ Draper at 10:55 on 4 Nov 2023

Great information for someone like me who has some information about JWTs but once to go further.

Joseph Lavin at 10:57 on 4 Nov 2023

Very informative. Lot's of good practices w/ simple examples. Maybe some real world examples of improper use of JWTs to really drive home why you should validate.

Ben Batschelet at 11:00 on 4 Nov 2023

Really good content, I think you could probably just put the examples directly in the slides rather than switching out to the terminal.

Wun Chiou at 11:03 on 4 Nov 2023

Very knowledgeable on the topic. Loved the live example. We started late, but maybe a bit more time for questions since it seemed that once they started, the audience was really interested.