Questions tagged [jwt]

JSON Web Token (JWT, pronounced "jot") is a type of token-based authentication used in space-constrained environments such as HTTP Authorization headers. Use this tag for questions relating to the configuration, generation and usage of JWTs in your code.

JSON Web Token (JWT, pronounced "jot") is a token format for use in space-constrained environments such as HTTP authorization headers. It is defined in RFC 7519.

JWTs encode security "claims" as JSON objects, and the token can be signed and/or encrypted. JWT is used by the OpenID Connect authentication standard.

More information about JWT and libraries for different languages can be found on the official JWT site.

17340 questions
5
votes
1 answer

How do I secure a REST-API?

I've set up an API with authentication but I want to only allow certain applications and websites to access it. What do I do? I've got authentication set up for users that are logged in only being able to access the API, however, how do I prevent…
calimses
5
votes
3 answers

I need help to verify that jwt is valid or otherwise create a new one and if the token sent is not correct return an error in nestjs middleware

I have already implemented the jwt and it works correctly but when creating a middleware that verifies that the token is still active and that it is valid, if the token has already expired, you must create a new one in case you can not create a new…
Joshue
5
votes
2 answers

Unable to validate access token signature obtained from Azure AD in order to secure Web API

I am trying to secure my web api (.net core 2.2) with Azure AD using implicit flow. I registered my application in Azure AD using the Azure Portal > Azure Active Directory > App Registrations > New Application Registration: Name =…
M. Ali Iftikhar
5
votes
2 answers

Get username in a middleware from Django Rest Framework SIMPLE JWT token (3rd party)

I am using Django Rest Framework and I've included a 3rd party package called REST framework simple JWT Auth which is the new framework referenced, and this one, REST framework JWT Auth, which is the old one (I imagine), since there was no update on…
5
votes
2 answers

ASP.NET Core Using Multiple Authentication Methods

Using both Cookie Authentication Middleware and JWT Authentication Middleware. When I sign in the user I create custom Claims and attach those to the cookie based identity. I also get a jwt token from an external source, and that has its own claims…
Jonathan
5
votes
1 answer

Is there a benefit to performing JWT operations as async?

I'm using the highly popular jsonwebtoken package for node. Signing and verifying are typically performed synchronously, but async options are also provided. I thought that the operations involved are neither data-bound nor computationally…
lonix
5
votes
1 answer

How to Generate JWT token apple connect iOS

I'm trying to generate a JWT token for Apple Connect but it looks like something is missing in the "Verify signature" field. From the API Apple Store Connect dashboard, I'm only able to download the "private key" named AuthKey_{kid}.p8. From…
5
votes
1 answer

Using Google Cloud Key Management Service to sign JSON Web Tokens

Edit: I found the answer. Scroll to the bottom of this question. I am working on a NodeJS authentication server and I would like to sign JSON Web Tokens (JWT) using google signatures. I am using Google Cloud Key Management Service (KMS) and I…
5
votes
0 answers

How to make sure that an expired JWT token is intact

I am looking for a mechanism for renewal of jwt token based on authenticity of expired token. Here is what I tried: import com.auth0.jwt.JWT; import com.auth0.jwt.JWTVerifier; import com.auth0.jwt.algorithms.Algorithm; import…
Rajat
5
votes
0 answers

Jwt token gets invalidated on each restart of spring boot application

I have a spring boot application which generates a jwt token on successful login, and the token is returned to the user, but on each restart of the application the token is invalidated. I have a secret key stored on the properties file for now to…
Shashank
5
votes
1 answer

Passport authentication with JWT: How can I change passport's default unauthorized response to my custom response?

I created a Node project with passport. When I did not give the token as header it returns Unauthorized. How can I change this message to pretty as Sorry invalid credentials? Every time when the token cannot be given I got the response as…
test team
5
votes
1 answer

How to generate a RS256 signed token I decode with jose.jwt.decode

I have a function that takes in a token, decodes it, and uses the payload to perform some logic. I would like to generate tokens with claims I manipulate to test that function. I generated a keypair from https://mkjwk.org/ and use it in the…
delisdeli
5
votes
2 answers

How to use pyJWT to verify signature on this JWT?

I have received a JWT token. I'm interested in unpacking it and validating its contents. I want to use the pyJWT library to do it. See the small program below. I have base64 decoded my JWT successfully. And I have retrieved the matching JWK from…
Saqib Ali
5
votes
2 answers

How to get valid AAD v2 token using MSAL.js for Azure DevOps

ADAL.js and AAD v1 works to access Azure DevOps using delegated user_impersonation scope. I used the same AAD Application Id with delegated permissions to generate access tokens using MSAL.js. The tokens were created successfully, but the access…
5
votes
1 answer

Cognito / Flask / React: how to log into backend?

My web application uses React in the frontend and Flask in the backend. I would like to add AWS Cognito for user management. As per the documentation, this requires nothing more than wrapping an export statement in the frontend, i.e. changing a…
ssc