jwt.md

July 15, 2021 · View on GitHub

In spite of the popularity of JWTs, their security properties are often misunderstood. To ensure the security of the app, you must fully consider asymmetric signatures, validation beyond signatures, c...

:calendar: published on: 2019-01-10
tags: jwt, security, encryption

GitHub - auth0/express-jwt

^{https://github.com/auth0/express-jwt}

connect/express middleware that validates a JsonWebToken (JWT) and set the req.user with the attributes - auth0/express-jwt

tags: expressjs, node.js, jwt
:octocat: source code

pyjwt

^{https://github.com/jpadilla/pyjwt}

JSON Web Token implementation in Python.

tags: python, authentication, jwt
:octocat: source code

python-jose

^{https://github.com/mpdavis/python-jose/}

A JOSE implementation in Python.

tags: python, authentication, jwt
:octocat: source code

python-jwt

^{https://github.com/davedoesdev/python-jwt}

A module for generating and verifying JSON Web Tokens.

tags: python, authentication, jwt
:octocat: source code

JWT, JWS and JWE for Not So Dummies! (Part I)

^{https://medium.facilelogin.com/jwt-jws-and-jwe-for-not-so-dummies-b63310d201a3}

Detailed explanation about jwt, jws and jwe

:calendar: published on: 2016-04-26
tags: jwt, jws, jwe, encryption

Understanding ID Token

^{https://medium.com/@darutk/understanding-id-token-5f83f50fa02e}

From an engineer's point of view, an abstract explanation like “ID Token is a token issued as a result of user authentication” is not so valuable because engineers cannot imagine how to implement ID T...

:calendar: published on: 2017-11-06
tags: openid-connect, jwt, oauth2

What Happens If Your JWT Is Stolen?

^{https://developer.okta.com/blog/2018/06/20/what-happens-if-your-jwt-is-stolen}

What happens if a JSON Web Token is stolen or compromised? What are the security considerations you need to understand? In this post, we'll look at what JWTs are, and what happens when they're stolen ...

tags: security, jwt, web

Angular Authentication: Using the Http Client and Http Interceptors

^{https://medium.com/@ryanchenkie_40935/angular-authentication-using-the-http-client-and-http-intercep...}

Let’s take a look at how to use Angular’s HttpInterceptor interface to make authenticated HTTP requests. It also suggest how to react in case the token expired.

:calendar: published on: 2017-07-18
tags: angular, jwt, security, authentication

Understanding Refresh Tokens - Auth0

^{https://auth0.com/learn/refresh-tokens/}

A Refresh Token is a special kind of token that can be used to obtain a renewed access token —that allows accessing a protected resource— at any time. You can request new access tokens until the r...

tags: jwt, oauth2, openid-connect

5 Steps to Add Modern Authentication to Legacy Apps Using JWTs

^{https://auth0.com/blog/5-steps-to-add-modern-authentication-to-legacy-apps-using-jwts/}

Conventional authentication is challenging for today's web applications. Learn about the reasons and how to use JSON Web Tokens (JWT) for modern authentication.

:calendar: published on: 2015-09-28
tags: jwt, security

The New HTTP Client in Angular 4.3 – Austin – Medium

^{https://medium.com/@amcdnl/the-new-http-client-in-angular-4-3-754bd3ff83a8}

In Angular 4.3, a new HTTP Client was introduced. This new client replaces the @angular/http module you are using right now. To prevent breaking changes (👍), it was released under a different name… ...

:calendar: published on: 2017-07-25
tags: angular, jwt

Angular Security - Authentication With JWT: The Complete Guide

^{https://blog.angular-university.io/angular-authentication-jwt/}

A Step-by-Step Guide for learning how to implement JWT-based Authentication in Angular, includes what to do in the backend (using Node / Typescript)

:calendar: published on: 2017-09-14
tags: jwt, angular, node.js

OpenID Connect

^{https://auth0.com/docs/protocols/oidc}

What is the OpenID Connect protocol and how it works.

tags: openid-connect, oauth2, jwt

JWT Handbook

^{https://auth0.com/e-books/jwt-handbook}

Ever wondered how JWT came to be and what problems it was designed to tackle? Are you curious about the plethora of algorithms available for signing...

tags: jwt, free-programming-books

ID Token

^{https://auth0.com/docs/tokens/id-token}

How to obtain, use and renew an id_token.

tags: jwt

JSON Web Tokens (JWT) in Auth0

^{https://auth0.com/docs/jwt}

JSON Web Token (JWT) is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This article introduces you to all of the...

tags: jwt

JWT: The Complete Guide to JSON Web Tokens

^{https://blog.angular-university.io/angular-jwt/}

A Step-by-Step Guide for learning JSON Web Tokens, including signatures, single page web application User Authentication and Session Management.

:calendar: published on: 2017-09-06
tags: jwt, security, hmac

JSON Web Token (JWT) - specification / spec

^{https://tools.ietf.org/html/rfc7519}

Abstract

JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payl...