conchincradle / rest-api-blog

learning rest api by blog application

JSON Web Tokens #18

Open conchincradle opened 1 year ago

conchincradle commented 1 year ago

client -> POST authenticate with username and password

server -> validate the username and password, generate JWT using the secret key

server -> return the generated JWT

client -> GET /hello with JWT in the Header

server -> validate the JWT

server -> return the response

conchincradle commented 1 year ago

JWT for securing REST APIs

follows stateless authentication mechanism ( no store information

conchincradle commented 1 year ago

structure

three parts separated by dot xx.yyy.zzz

Header Payload Signature
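
The issue-and-validate flow and the three-part structure noted in the comments above, as an added example that is not part of the original issue or the repository's code. It assumes HS256 (HMAC-SHA256) as the signing method and uses a constructed secret, user and claim set, none of which the page specifies; Python standard library only.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # assumption: sample key, never hard-code a real one

def b64url(data):
    # JWT uses URL-safe base64 with the "=" padding stripped
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input):
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue_token(username, ttl=300, now=None):
    """Server, after POST authenticate validated the username and password."""
    now = int(time.time() if now is None else now)
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps({"sub": username, "exp": now + ttl}).encode())
    return f"{header}.{payload}.{b64url(sign(header + '.' + payload))}"

def verify_token(token, now=None):
    """Server, on GET /hello: return the claims, or None to reject the request."""
    now = int(time.time() if now is None else now)
    parts = token.split(".")
    if len(parts) != 3:
        return None
    try:
        header = json.loads(b64url_decode(parts[0]))
        claims = json.loads(b64url_decode(parts[1]))
        signature = b64url_decode(parts[2])
    except ValueError:
        return None
    # Pin the algorithm: never let the token's own header pick it (e.g. "none")
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None
    # Constant-time comparison of the recomputed signature
    if not hmac.compare_digest(signature, sign(parts[0] + "." + parts[1])):
        return None
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if not isinstance(exp, int) or exp <= now:
        return None
    return claims

if __name__ == "__main__":
    token = issue_token("alice")  # constructed sample user
    print(token)
    print(verify_token(token))
```

The payload is only base64url-encoded, not encrypted, so anything placed in it is readable by whoever holds the token.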