Questions tagged [jwt]

JSON Web Token (JWT, pronounced "jot") is a type of token-based authentication used in space-constrained environments such as HTTP Authorization headers. Use this tag for questions relating to the configuration, generation and usage of JWTs in your code.

JSON Web Token (JWT, pronounced "jot") is a token format for use in space-constrained environments such as HTTP authorization headers. It is defined in RFC 7519.

JWTs encode security "claims" as JSON objects, and the token can be signed and/or encrypted. JWT is used by the OpenID Connect authentication standard.

More information about JWT and libraries for different languages can be found on the official JWT site.

17340 questions
33 votes, 2 answers

JWT SecurityTokenInvalidSignatureException using RS256 PII is hidden

I'm having trouble validating a JWT token signed with RS256 using Microsoft's System.IdentityModel.Tokens.Jwt library. This token validates just fine on JWT.io. This is the…
Carlo Bos
33 votes, 10 answers

NullInjectorError: No provider for JwtHelperService

I'm in Angular 5. First: npm install @auth0/angular-jwt --save Then I import it: import { JwtHelperService } from '@auth0/angular-jwt'; This is my authentication service: import { JwtHelperService } from '@auth0/angular-jwt'; @Injectable() export…
ValRob
33 votes, 3 answers

UseJwtBearerAuthentication does not get User.Identity.Name populated

I am trying to use JWT as the authentication mechanism in an ASP.NET Core Web API project. Suppose this project has no MVC part and does not use cookie authentication. I have created my code based on this guide. Login works well and protection with…
Afshar Mohebi
33 votes, 2 answers

JWT (Json web token) Vs Custom Token

I was looking through the questions but I did not find anything which could solve my doubt. I found extensive information about JWT, but not much when comparing the advantages JWT could offer over generating a custom token to authentication requests…
Deibys
33 votes, 2 answers

Should I use JWT or Basic Token authentication in Django Rest Framework?

I'm about to implement Token Authentication in my API using Django Rest Framework. But I'm not sure if I should use the basic token built-in DRF or use the JSON Web Token (JWT) standard (using this package djangorestframework-jwt). The only reference…
EdgarT
32 votes, 2 answers

How to setup Axios interceptors with React Context properly?

Since I want to setup Axios interceptors with React Context, the only solution that seems viable is creating an Interceptor component in order to use the useContext hook to access Context state and dispatch. The problem is, this creates a closure…
hakaman
32 votes, 5 answers

How to get the claims from a JWT in my Flutter Application

I am writing a Flutter/Dart application and am getting a JWT back from an auth server that has some claims I need to use. I have looked at various (4 so far) Dart JWT libraries -- but all are either too old and no longer work with Dart 2, etc. or…
sjmcdowall
32 votes, 2 answers

How does server return JWT token to the client?

This is my first encounter with a JWT token and I'd like to know how this token is returned to the client after it's first created. Should it come in the Authorization: Bearer header? Usually, it's the client that passes the token in Authorization…
user1411018
32 votes, 2 answers

How to decode JWT (Header and Body) in java using Apache Commons Codec?

I am looking to decode the following JWT using Apache Commons Codec. How can we do that? …
user4821194
32 votes, 2 answers

OAuth2: What is the difference between the JWT Authorization Grant and Client Credentials Grant with JWT client authentication?

The OAuth2 JWT Profile introduces the possibility to use JWTs both as authorization grant and as client authentication. The JWT client authentication feature is independent of a certain grant type, and can be used with any grant type, also the…
Misch
32 votes, 5 answers

Add a claim to JWT as an array?

Using thinktecture JWT authentication resource owner flow, I use the claims part of JWT for client consumption. My question is that if it's possible to add a claim in identity server and decode it as an array in client. There is no ClaimTypeValues…
sercan
32 votes, 11 answers

"Not sufficient permissions" google analytics API service account

I'm trying to fetch data with the Google Analytics API through service accounts. I have been searching on Stack Overflow for how to do this and have been using the exact same code found in several posts, but getting problems to get it…
Kozmk12
31 votes, 2 answers

Getting only decoded payload from JWT in python

Is there a nice way (using maybe some library) to get only payload from JWT saved as string variable? Other than manually parsing it for content between first and second dots and then decoding.
salveiro
31 votes, 5 answers

Dotnet core 2.0 authentication multiple schemas identity cookies and jwt

In dotnet core 1.1 asp, I was able to configure and use identity middleware followed by jwt middleware by doing the following: app.UseIdentity(); app.UseJwtBearerAuthentication(new JwtBearerOptions() {}); This has now changed in that we…
didiHamman
31 votes, 5 answers

Update/change roles claim (or any other claim) in JWT

I'm storing user roles inside a JWT (to restrict API endpoints). The roles can be changed by an administrator. If a role is changed, how am I supposed to reflect this inside all tokens? I've thought about a couple of solutions: If I'd use refresh…
tobbe