Closed yinanfang closed 7 years ago
Do not include any sensitive data in a JWT. These tokens are usually signed to protect against manipulation (not encrypted), so the data in the claims can be easily decoded and read.
```
// claims
{
  "userId": "tom",
  "email": "tom@example.com",
  "name": "Tom Abbott",
  "role": "user"
}
```
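An added example, not part of the original issue: it signs the claims above as an HS256 token, reads them back without the key, and shows that the signature only detects changes. The secret and all helper names are constructed for illustration; a real service would use a maintained JWT library.

```python
import base64, hashlib, hmac, json

CLAIMS = {"userId": "tom", "email": "tom@example.com",
          "name": "Tom Abbott", "role": "user"}   # claims from the issue
SECRET = b"constructed-demo-secret"               # constructed sample key

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    # JWTs strip base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(signing_input: str, secret: bytes) -> bytes:
    return hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()

def sign_hs256(claims: dict, secret: bytes) -> str:
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(
        b64url_encode(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, claims))
    return signing_input + "." + b64url_encode(_mac(signing_input, secret))

def read_claims_without_key(token: str) -> dict:
    # No secret involved: the payload is only base64url-encoded JSON.
    _header, payload, _sig = token.split(".")
    return json.loads(b64url_decode(payload))

def verify_hs256(token: str, secret: bytes) -> bool:
    signing_input, _, sig = token.rpartition(".")
    try:
        return hmac.compare_digest(_mac(signing_input, secret), b64url_decode(sig))
    except ValueError:
        return False

def with_changed_claim(token: str, name: str, value) -> str:
    # Rewrite one claim but keep the old signature, to test integrity checking.
    header, payload, sig = token.split(".")
    claims = json.loads(b64url_decode(payload))
    claims[name] = value
    new_payload = b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    return ".".join((header, new_payload, sig))

if __name__ == "__main__":
    token = sign_hs256(CLAIMS, SECRET)
    print("readable without key:", read_claims_without_key(token))
    print("original verifies:", verify_hs256(token, SECRET))
    changed = with_changed_claim(token, "role", "admin")
    print("modified verifies:", verify_hs256(changed, SECRET))
```

The modified token still decodes cleanly, so a service that reads claims without verifying the signature gets neither confidentiality nor integrity.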