WT adds a header and a signature (usually the same one, size constant for both), and encodes data in base64, what requires around 4/3 the original data size.
Including data that grows up, such as a list of role descriptions that can be added to the user, it is easy to create a big JWT.
Problems:
This big JWT is going to be sent on every communication, generating larger messages and consuming more network resources.
Every web server has a header size limit that is between 4k and 48k. Any header beyond that will be rejected, generating a hard to debug selective DoS problem.
WT adds a header and a signature (usually the same one, size constant for both), and encodes data in base64, what requires around 4/3 the original data size.
Including data that grows up, such as a list of role descriptions that can be added to the user, it is easy to create a big JWT.
Problems:
Added spanish translation as well.