← Cybersecurity Alphabet Soup

JWT

JSON Web Token

identityeasy

A JWT is a compact, digitally signed token that carries claims, such as a user's identity and permissions, as JSON. Services can verify the signature and trust the claims without a database lookup, which makes JWTs popular for API authentication and session handling. Misconfigured signature validation is a classic source of serious vulnerabilities.

Sources

More in identity