Share this page!

Csaba Kissi Profile picture
Twitter logo
Jan 12 11 tweets 3 min read
What is JSON Web Token, and how it works for API authentication? 👇
A JSON-based open standard called JSON Web Token (JWT) is used to create access tokens that make a number of claims.

When using JWT authentication, a token is generated, signed by the server, and sent to the client.
The client then provides this token to the server with each subsequent request to demonstrate user authentication.

How the authentication process works:
The client asks the server to log them in using their credentials (username and password).

If the credentials are legitimate, the server generates a JWT that includes the user's ID, name, and roles, among other assertions.
The JWT is signed with a secret key that only the server knows.

This signature guarantees that the token was not tampered with.

The JWT is then sent to the client.
The client stores the JWT safely, like an HTTP-only cookie or the browser's local storage.

The client sends the JWT in the "Authorization" header of each subsequent request to the server.
If the signature is wrong or the claims are no longer true, the server sends the message "401 Unauthorized."
The server checks that the claims in the JWT are still valid by using the same secret key to verify the JWT's signature.

The server lets the request go through if the signature and the claims are still valid.
Because JWTs are stateless, the server is not required to keep track of a session or save user information.

As a result, it is simple to scale and more secure because session hijacking cannot occur.
If you like this post, you can bookmark and tag it by replying with @SaveToBookmarks #jwt #api

You can view your bookmarks on savetobookmarks.com
That's all, guys.

If you found this list useful, consider:

✅ Follow @csaba_kissi for more content like this
🔔 Enable notifications 👀
🔄 Retweeting the first tweet.

Thanks for your support, guys! 🙏🤝

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Csaba Kissi

Csaba Kissi Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @csaba_kissi

Csaba Kissi Profile picture
Jan 13
5 APIs for your next Fitness related side project

Thread 🧵👇
1️⃣ Mega Fitness Calculator

Find “Ideal Body Weight”, “BMI”, “TDEE”, “BMR”, “ABSI”, “Waist-hip Ratio”, and “Body Fat Percentage”.

rapidapi.com/bejjaothmane/a…
2️⃣ ExerciseDB

The ExerciseDB is your gateway to over 1300 exercises with detailed information and animated demonstrations.

rapidapi.com/justin-WFnsXH_…
Read 7 tweets
Csaba Kissi Profile picture
Jan 11
7 CSS Tricks you wish you knew earlier: 👇
1️⃣ Using the :empty pseudo-class to style empty elements:
2️⃣ Using the :not() pseudo-class to exclude certain elements from a selection:
Read 10 tweets
Csaba Kissi Profile picture
Jan 9
5 FREE Public APIs for your next project/side project.

Thread 🧵👇
1. Alpha Vantage

The easiest and most effective way to get stock, ETF, forex, technical indicators, and cryptocurrency data is to use a leading API provider like us.

rapidapi.com/alphavantage/a…
2. Live Sports Odds

Get the inside scoop on who's winning with Odds data API for NFL, NBA, MLB, EPL, AFL, and more, from US, UK, EU, and Aussie bookmakers.

rapidapi.com/theoddsapi/api…
Read 7 tweets
Csaba Kissi Profile picture
Jan 9
5 Javascript tips you'll wish you knew earlier.👇
You can use the "typeof" operator to check the value type at runtime.

For example:
The "instanceof" operator can be used to determine whether an object is an instance of a specific constructor or class.

For instance:
Read 9 tweets
Csaba Kissi Profile picture
Jan 8
If you want to know about Javascript Arrow functions, read this:👇
In JavaScript, one kind of function expression is an arrow function.

It features a shorter syntax but is otherwise similar to a conventional function.

Here is an example of a regular function and an arrow function that do the same thing:
When dealing with higher-order functions, arrow functions can help you write more succinct code (functions that take other functions as arguments).

You can see how to combine a standard function with an arrow function using the map array method in this example:
Read 12 tweets
Csaba Kissi Profile picture
Jan 7
5 Javascript tips you'll wish you knew earlier.👇
To acquire the first element in an array that meets a criterion, use the Array.prototype.find() method.
To combine many objects into one, use the Object.assign() method.
Read 8 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Send Email!

:(