Security
What is JWT?
JSON Web Token — a compact, URL-safe token for securely transmitting claims between parties.
Definition
A JWT (JSON Web Token) is a compact, self-contained token format for securely transmitting information between parties as a JSON object. A JWT has three parts: Header (algorithm, type), Payload (claims: user ID, roles, expiration), and Signature (cryptographic verification). JWTs are commonly used for authentication and API authorization. They can be signed (JWS) or encrypted (JWE). They are stored in cookies or localStorage.