Stack Overflow
Stack Overflow

Questions tagged [token]

A token is a string of characters, categorized according to the rules as a symbol (e.g., IDENTIFIER, NUMBER, COMMA). The process of forming tokens from an input stream of characters is called tokenization, and the lexer categorizes them according to a symbol type. A token can look like anything that is useful for processing an input text stream or text file.

A token is the smallest part of an input text with a meaning. A token may be a single character, a symbol, a word or anything that is useful for processing an input text. Tokens are used in processing programming languages or natural languages.

The process of forming tokens from an input stream is called tokenization or lexical analysis. A program or function which performs lexical analysis is called a lexical analyzer, lexer, or scanner.

7573 questions
15
votes
2 answers

Why Base64 is used in JWTs?

I am trying to understand JSON Web Tokens and got to learn that Base64 is the encoding used in them. As base64 can be decoded easily, my question is why to use them. Why not use a one-way hash function to generate the token? Please spare me if the…
abi24m
  • 161
  • 1
  • 1
  • 5
15
votes
1 answer

Where is safest to store Json Web Tokens JWTs in client side?

Hello stackoverflow community! We build an SPA app with nuxts.js framework and we arrived to the point which is the safest way to store a JWT token from our backend API service. We have two options cookies with httpOnly flag versus localStorage. I…
Vasileios Tsakalis
  • 1,101
  • 2
  • 11
  • 25
15
votes
3 answers

Unexpected token m in JSON at position 0 error

On compiling an app and trying to implement the i18n library with webpack, I face this error: ERROR in ./node_modules/bundle-loader?lazy&name=lang-pt!./src/locales/pt/translation.json Module parse failed: Unexpected token m in JSON at position 0 You…
vascobento
  • 183
  • 1
  • 1
  • 7
15
votes
2 answers

Handling Expired Token From Api in Angular 4

I need help in handling expired token in my angular application. My api has the expired time but my problem is when i forgot to log out of my angular application, after some time, i still can access the homepage but without data. Is there something…
Joseph
  • 7,042
  • 23
  • 83
  • 181
15
votes
1 answer

Authorize WebApp to ADFS in order to access Dynamics CRM Web API

I have a web application that needs to speak with Dynamics CRM 365 Web API. The Dynamics CRM is configured as a Relying Party on ADFS. The server is Windows Server 2016 and everything is on premise and not on Azure. What I did to acquire a valid…
Ricky Stam
  • 2,116
  • 21
  • 25
15
votes
2 answers

Android Studio - Get Firebase token from GetIdToken

I have done the following in Swift: let currentUser = Auth.auth().currentUser currentUser?.getTokenForcingRefresh(true) {idToken, error in if let error = error { // Handle error print("error (below)") print(error) return; …
readysetdev
  • 193
  • 1
  • 1
  • 6
15
votes
1 answer

How Set Authorization headers at HTML Form or at A href

I have this code: $.ajax({ url: "http://localhost:15797/api/values", type: 'get', contentType: 'application/json', headers: { "Authorization": "Bearer "…
Andre
  • 652
  • 2
  • 7
  • 23
15
votes
3 answers

How to invalidate a JWT token with no expiry time

Am creating a node.js backend app using JWT. For me the requirement is simple, that the authorization token shouldn't have any expiry time. But I am facing problem during invalidating JWT When user changes his password. When user changes his…
user2875371
15
votes
2 answers

Securing OAuth clientId/clientSecret in AngularJS application

I know this is probably an age-old question, but...are there any best practices for securing client secrets for performing OAuth2 authentication in AngularJS applications? I've been racking my brain trying to think of a solution to providing truly…
jrista
  • 32,447
  • 15
  • 90
  • 130
15
votes
2 answers

Validate Windows Identity Token

I am trying develop a simple web service to authenticate users of a desktop application using the windows identity framework, at present I am passing the token generated by WindowsIdentity.GetCurrent().Token via a post variable (it is encrypted and…
mitchellsg
  • 486
  • 5
  • 13
14
votes
4 answers

What does the 'native' keyword mean in JavaScript?

I stumbled upon a function called v8Locale in Chrome's Developer Console. I was curious so I entered the function to get the source code, and it revealed the following code: function (a){ native function NativeJSLocale(); var…
pimvdb
  • 151,816
  • 78
  • 307
  • 352
14
votes
3 answers

Should Refresh Tokens in JWT Authentication Schemes be Signed with a Different Secret than the Access Token?

I have a very simple question that is essentially as stated in the title. When implementing a JWT authentication scheme that incorporates short-lived access tokens and longer term refresh tokens, should these two token types be signed with different…
tomking
  • 313
  • 1
  • 11
14
votes
2 answers

How to reduce the size of the access/refresh tokens in Keycloak?

I am setting a keycloack authentication server to allow authorized users to access a protected resource (OAuth2.0). The access will be done from an embedded device that has certain restrictions. The main restriction is that the access and refresh…
Safwen
  • 141
  • 1
  • 7
14
votes
2 answers

ASP.NET Core and JWT token lifetime

I utilize ASP.NET Core 2.1.1 It is interesting that the expiration time is only being taken into account when one provides both ClockSkew - in Startup.cs and JwtSecurityTokenHandler.TokenLifetimeInMinutes - in a controller. For instance: services …
Alex Herman
  • 2,708
  • 4
  • 32
  • 53
14
votes
1 answer

RSA JWT key rotation period?

I have created a basic JWT generator but need advice on a couple of aspects. I have been using JWT.io 's guides and the auth0/java-jwt libraries/repo to produce the tokens. The JWTs are being signed with 2 different keys. The refresh tokens are…
Jcov
  • 2,122
  • 2
  • 21
  • 32
1 2 3
99 100