Questions tagged [json-web-token]

JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties.

JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JavaScript Object Notation (JSON) object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or MACed and/or encrypted.

The suggested pronunciation of JWT is the same as the English word "jot".

Source

243 questions
3
votes
1 answer

Passport JWT JSON Web Token authenticate error

I am implementing, for the first time, an authentication involving passport and JWT. My question is this: when I send an already expired token in the header, I get the message "Unauthorized". My code is as follows: In…
Hitsugaya
  • 65
  • 5
3
votes
2 answers

JWT with Spring OAuth2

I have created the Spring Authorization Server which issues JWT-s and a Resource Server which checks the JWT, its claims and permissions on the Authorization Server. To do so, I have followed this article. My question is why I need to send the…
dplesa
  • 1,355
  • 6
  • 23
  • 56
3
votes
4 answers

Log out user after inactivity with JWT Access and Refresh tokens

I implement autentication mechanism in web application with Angular 2. I going to use JSON Web Token. Two types of token, Access token (short-lived) and Refresh token (long-lived) which are described here:…
LancerX
  • 1,211
  • 7
  • 23
  • 40
3
votes
2 answers

Validating JWT with Microsoft's IdentityModel

I am trying to validate the following test JWT, the chosen key is 'private' and I can successfully verify it on…
kentor
  • 16,553
  • 20
  • 86
  • 144
3
votes
1 answer

Verify a RS256 jwt on node PEM_read_bio_PUBKEY failed

I'm trying to I'm trying to verify a jwt that use the RS256 algorithm. When using the hs256 algorithm everything works fine let opts = { audience: 'y', issuer: `https://x.auth0.com/`, algorithms: ["RS256"] } jwt.verify(payload.token,…
Ced
  • 15,847
  • 14
  • 87
  • 146
3
votes
1 answer

Any example with loopback + passport + jwt?

Do you know any example code with loopback + passport + JWT? The code in https://github.com/strongloop/loopback-component-passport and https://github.com/strongloop/loopback-example-passport seems to use sessions. Or do yo know any alternative to…
3
votes
1 answer

How to return a JSON Web Token in a C# WEB API?

I am trying to wrap my ahead around using JWT to secure a WEB API written in C#, but am getting hung up on a few things. From my understanding the flow should be something like this: Client provides username/password to the Web API from some…
user961714
  • 731
  • 4
  • 15
  • 25
3
votes
1 answer

UseJwtBearerAuthentication fails with IDX10504: Unable to validate signature, token does not have a signature

Using ASP.NET Core 1.0 (rtm), with the somewhat minimal verifiable sample that I have produced, I am seeing that the JSON Web Tokens I produce are not passing the .net core json web token middleware claim challenge, and are failing with this…
Warren P
  • 65,725
  • 40
  • 181
  • 316
3
votes
1 answer

Generated with Java JJWT signature fails at jwt.io debugger

I am using the jjwt Java library for server side generation of jwt in on servlets, the code snipper below straight from the jjwt GitHub page https://github.com/jwtk/jjwt generates and prints out this…
user3383325
  • 53
  • 1
  • 5
3
votes
1 answer

NodeJs middleware set header

I would like to add to add a refresh token to a header in middleware as seen in the first answer of this question: implementing refresh-tokens with angular and express-jwt Backend - middleware: jwt.verify(token, config.secret, function(err, decoded)…
pmulders
  • 89
  • 5
3
votes
1 answer

Json Web Signature and Json Web Signature Objective C library

I had cross some library with previous code in Java. The problem i cannot find JSONWebSignature and JSONWebEncyption Library in Objective C. Wonder how to achieve the below code in Obj C: //generate JWT Token public static Map
Ashmira85
  • 31
  • 2
3
votes
1 answer

How could I decode a JWT token in Paw

I found an extension for generating JWT in Paw, but nothing so far about decoding the tokens and using the payload as dynamic vars.
Tony Gutierrez
  • 753
  • 1
  • 6
  • 16
3
votes
1 answer

Storing json web token

I'm learning reactjs, redux and json web token. I'm new on all of them. In my sample application user sends information from a login page. If the information is true jwt is created and it is set in the state and sent to the client side. It is set…
kbrk
  • 610
  • 1
  • 9
  • 27
3
votes
1 answer

Decode JSON Web Token (Xamarin.Android)

Basically I want to decode a base64 encoded JWT to extract the information in the body part. I tried searching for possibilities to decode the token but all JWT Nuget-Packages don't work with my Xamarin.Android project since Mono doesn't have the…
hullunist
  • 1,117
  • 2
  • 11
  • 31
3
votes
1 answer

fail to verify jwt signature in Java

I am trying to verify a JWT token by verifying its signature. But during the verification I get an error java.security.SignatureException: Signature length not correct: got 342 but was expecting 256 . I assume that signature is the encrypted…