Questions tagged [jwt]

JSON Web Token (JWT, pronounced "jot") is a type of token-based authentication used in space-constrained environments such as HTTP Authorization headers. Use this tag for questions relating to the configuration, generation and usage of JWTs in your code.

JSON Web Token (JWT, pronounced "jot") is a token format for use in space-constrained environments such as HTTP authorization headers. It is defined in RFC 7519.

JWTs encode security "claims" as JSON objects, and the token can be signed and/or encrypted. JWT is used by the OpenID Connect authentication standard.

More information about JWT and libraries for different languages can be found on the official JWT site.

17340 questions
27 votes, 6 answers

How to get Bearer token from a request in Laravel

I am expecting a JWT token from all the incoming requests, and it should be included on request headers like: Authorization => 'Bearer: some token here' I want to get this token and verify it: here is what I am trying: $token =…
user7175325
27 votes, 3 answers

Add authentication to OPTIONS request

How can I add headers to the OPTIONS request made towards a cross-domain API? The API I'm working against requires a JWT token set as Authorization header on all requests. When I try to access to the API Angular first performs an OPTIONS request…
Glenn Utter
27 votes, 5 answers

How to extract and verify token sent from frontend

I am using "github.com/dgrijalva/jwt-go", and am able to send a token to my frontend, and what I would like to know is how I could retrieve the token sent from the frontend so that I can verify if the token that was sent is valid and if so the secured…
poise
27 votes, 3 answers

JWT (JSON Web Token) in PHP without using 3rd-party library. How to sign?

There are a few libraries for implementing JSON Web Tokens (JWT) in PHP, such as php-jwt. I am writing my own, very small and simple class but cannot figure out why my signature fails validation here even though I've tried to stick to the standard.…
BeetleJuice
27 votes, 5 answers

NodeJs - Retrieve user information from JWT token?

Node and Angular. I have a MEAN stack authentication application where I am setting a JWT token on successful login as follows, and storing it in a session in the controller. Assigning the JWT token to config.headers through service interceptor: var…
hakuna
27 votes, 6 answers

Standalone Spring OAuth2 JWT Authorization Server + CORS

So I have the following Authorization Server condensed from this example from Dave Syer @SpringBootApplication public class AuthserverApplication { public static void main(String[] args) { …
Michael K.
26 votes, 1 answer

What is the difference between AddJwtBearer and AddOpenIdConnect in .NET Core Authentication?

I've been looking into the basics of .NET Core Authentication using Azure AD for an API that I'm building and I've been trying to find information about the authentication schemes. I get the difference between cookie and token based authentication…
Serberuss
26 votes, 2 answers

Is it secure to store a refresh token in the database? (To issue new access tokens for login purposes). Or is there a method to do it easier?

Currently I'm trying to gather knowledge on how to implement an auth system (a login). And during my research I've tried to implement a JWT based solution in my backend. I have an express server which allows me to register a user, storing its…
mouchin777
26 votes, 4 answers

Customizing JWT response from django-rest-framework-simplejwt

I'm setting up Django to send a JWT Response as opposed to a view. I tried using django-rest-framework-simplejwt. Provided in this framework, there is a function TokenObtainPairView.as_view() that returns a pair of jwt. I need to return the access…
A. Angee
26 votes, 1 answer

extract payload of expired jwt token

I am making API Server with Node.js and Express. Also I used JWT token authentication for auth user. If token is expired, my scenario is here. (Backend) Middleware detect expired (Frontend) Receive token is expired (Frontend) Refresh token request…
Hide
26 votes, 4 answers

JSON Web Token (JWT) : Authorization vs Authentication

JWT terminology has been bothering me for a few reasons. Is JWT suitable for Authorization or is it only for Authentication? Correct me if I'm wrong but I have always read Authorization as being the act of allowing someone access to a resource yet…
Rohan Kadu
26 votes, 2 answers

Swagger definition for firebase authentication

Could anyone provide a working sample of a Swagger security definition for firebase authentication? On the backend, firebase ID token is verified using the firebase admin SDK: import * as admin from 'firebase-admin'; await…
26 votes, 4 answers

JWT authentication & refresh token implementation

I am developing a REST application with its own authentication and authorization mechanism. I want to use JSON Web Tokens for authentication. Is the following a valid and safe implementation? A REST API will be developed to accept username and…
Saptarshi Basu
26 votes, 3 answers

Websocket, Angular 2 and JSON Web token Authentication

My Angular 2 app (coded in typescript) has a simple authentication scheme: User logs in: Server returns JSON Web Token (JWT) abc123... On every API call, the app sends the JWT in the Authorization header Server validates the JWT and grants…
BeetleJuice
26 votes, 2 answers

JWT & OAuth2 - Does the server store the token? & How are they Secure/Hacker Safe?

I am a complete noob when it comes to security, authentication strategies. So I was reading this article about "Token Based Authentication": https://scotch.io/tutorials/the-ins-and-outs-of-token-based-authentication I have 2 questions: I don't…
user1102532