What is a JSON Web Token (JWT) and why do you care? JWTs are a stateless, standardized way to represent user data. This talk will discuss why JWTs matter and the nuts and bolts of JWTs. We’ll also discuss how you might use a JWT in your Rails or Ruby application.
Details
This talk is intended for Rubyists of all experience levels who would like to gain a deeper understanding of JSON Web Tokens.
I'll start by talking about how you might handle the problem JWTs solve: how to share identity and authorization in a distributed application.
We'll then talk about the components of a JWT, whether you should distribute secrets using them (spoiler: please don't), different ways to sign them, and how to revoke them (kinda).
We'll also look at some ruby code showing how to generate and decode JWTs using the ruby JWT library.
Bio
Dan Moore is a developer advocate for FusionAuth. He’s been using Ruby and Rails off and on since 2015. A former CTO, engineering manager and longtime developer, he's been writing software for (checks watch) over 20 years. Follow him on Twitter @mooreds
Abstract
What is a JSON Web Token (JWT) and why do you care? JWTs are a stateless, standardized way to represent user data. This talk will discuss why JWTs matter and the nuts and bolts of JWTs. We’ll also discuss how you might use a JWT in your Rails or Ruby application.
Details
This talk is intended for Rubyists of all experience levels who would like to gain a deeper understanding of JSON Web Tokens.
I'll start by talking about how you might handle the problem JWTs solve: how to share identity and authorization in a distributed application.
We'll then talk about the components of a JWT, whether you should distribute secrets using them (spoiler: please don't), different ways to sign them, and how to revoke them (kinda).
We'll also look at some ruby code showing how to generate and decode JWTs using the ruby JWT library.
Bio
Dan Moore is a developer advocate for FusionAuth. He’s been using Ruby and Rails off and on since 2015. A former CTO, engineering manager and longtime developer, he's been writing software for (checks watch) over 20 years. Follow him on Twitter @mooreds