DEV Community

Discussion on: What is really the difference between Cookie, Session and Tokens that nobody is talking about ?.

codingsafari profile image
Nico Braun

I was wrong on one ascpect here. The header and the payload are indeed only encoded. Only the signature is encrypted. So anyone can read the payload.