Over the past few years, many of us have seen or used special tokens: JSON Web Tokens, or JWTs. This token standard is a very practical way of transmitting information reliably. These tokens are often used for authentication with web services, microservices or SSO as part of OpenID Connect. In addition, we see a lot of JWS (signed tokens), but that's not the only implementation out there. In fact, the JWT specification is much broader than you might think. Here's a look at some of the lesser-known aspects of JWT.


Comments are closed.