JWT (JSON Web Token)

JWT is a way to transport claims from one party to another party securely.

What is a claim? A claim is what you claim to be to the other party, e.g. your name, department, etc. A claim need not contain any credentials.

In the JWT approach, the claim is signed with the private key of a certificate at the client end, and the server verifies the signature using the corresponding public key. The server therefore knows that the claims come from a valid client who holds the private key; in that way the client's authenticity is verified.
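The sign-then-verify flow described above, as an added example that is not part of the original post. It uses Node's built-in `crypto` module with RS256; the key pair, the claim values and the helper names (`signJwt`, `verifyJwt`, `tamper`) are constructed for illustration.

```javascript
const crypto = require("node:crypto");

// Constructed key pair standing in for the client's certificate key pair.
const { privateKey, publicKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });

const b64url = (text) => Buffer.from(text).toString("base64url");

// Client side: sign header.payload with the private key (RSA + SHA-256 = RS256).
function signJwt(claims, key) {
  const header = b64url(JSON.stringify({ alg: "RS256", typ: "JWT" }));
  const payload = b64url(JSON.stringify(claims));
  const signingInput = `${header}.${payload}`;
  const signature = crypto.sign("sha256", Buffer.from(signingInput), key);
  return `${signingInput}.${signature.toString("base64url")}`;
}

// Server side: verify with the public key. Returns the claims, or null on any failure.
function verifyJwt(token, key) {
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  const [header, payload, signature] = parts;
  try {
    const { alg } = JSON.parse(Buffer.from(header, "base64url").toString("utf8"));
    // Pin the algorithm: the token must not choose how it is verified.
    if (alg !== "RS256") return null;
    const valid = crypto.verify("sha256", Buffer.from(`${header}.${payload}`), key,
      Buffer.from(signature, "base64url"));
    // Only read the claims after the signature has been checked.
    return valid ? JSON.parse(Buffer.from(payload, "base64url").toString("utf8")) : null;
  } catch {
    return null; // malformed header or payload
  }
}

// Helper for the demonstration: swap the claims but keep the old signature.
function tamper(token, newClaims) {
  const [header, , signature] = token.split(".");
  return `${header}.${b64url(JSON.stringify(newClaims))}.${signature}`;
}

// Constructed sample claims.
const token = signJwt({ name: "Alice", department: "Finance" }, privateKey);
console.log(verifyJwt(token, publicKey));
console.log(verifyJwt(tamper(token, { name: "Alice", department: "Admin" }), publicKey));
```

The first call prints the claims; the second prints `null`, because the signature no longer matches the modified claims.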

Scenario 1:

Scenario 2: 
