JWT (JSON Web Token) is a compact, URL-safe token format used to securely transmit information between parties as a JSON object.
Key points in definition:
Compact → small, efficient (xxxxx.yyyyy.zzzzz)
URL-safe → can be sent in headers/URLs
JSON-based → payload is JSON
Claims → contains data like userId, role
Can be signed or encrypted
JWS (JSON Web Signature) is a specification that defines how to digitally sign a payload (such as a JWT) to ensure its integrity and authenticity.
Key points:
Uses digital signature
Ensures:
Integrity (data not modified)
Authenticity (issued by trusted source)
Does not encrypt the payload
Top comments (0)