Shulou(Shulou.com)06/03 Report--

This article introduces the relevant knowledge of "what is Json Web Token". In the operation of actual cases, many people will encounter such a dilemma. Then let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

JWT (Json Web Token) is an open standard based on Json for passing declarations between network application environments. JWT declarations are generally used to pass authenticated user identity information between identity providers and service providers in order to obtain resources from the resource server.

For example, when used in user login, the basic idea is that the user provides a user name and password to the authentication server, and the server verifies the validity of the information submitted by the user; if the verification is successful, a Token will be generated and returned, and the user can use this Token to access the protected resources on the server.

JWT consists of three parts, the first part is called Header, the second part is called message body (Payload), and the third part is Signature. A Token generated by JWT is in the following format:

Token = encodeBase64 (header) +'.'+ encodeBase64 (payload) +'. + encodeBase64 (signature)

The header information usually consists of two parts, the type of token and the signature algorithm used, such as the following code:

{"alg": "HS256", "typ": "JWT"}

The message body can carry some of the information you need, such as the user ID. Because you need to know which user this Token belongs to, such as the following code:

{"id": "1234567890", "name": "John Doe", "admin": true}

The signature is used to determine whether the message has been tampered with on the way of delivery, so as to ensure the security of the data. The format is as follows:

HMACSHA256 (base64UrlEncode (header) + "." + base64UrlEncode (payload), secret)

Through these three parts, our Json Web Token is formed.

This is the end of "what is Json Web Token". Thank you for your reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.