DEV Community

Discussion on: JSON Web Tokens (JWT) vs. SessionID 🔐 ? explained in 2 mins

Collapse
 
kendru profile image
Andrew Meredith

Having used both JWTs and traditional session ids, I agree that JWTs are probably not the best tool for a typical project. Where I have found them very useful is when passing a user's credentials between several back-end systems that all trust the server that granted the JWT and each want to do their own authentication or authorization.

Collapse
 
peterdavidcarter profile image
Peter David Carter • Edited

Indeed. Between backend systems we don't expose to the public sending all the data self-contained makes sense. However, you really have to wonder if sending all your data upfront to the browser is the best call, though it's a common pattern.