A JSON Web Token (JWT) is a compact, self-contained token for securely transmitting information. Structure: header.payload.signature, each Base64URL-encoded. The payload carries claims (user ID, roles, expiration). The signature ensures the token has not been tampered with. JWTs are used for authentication (login), authorization (permissions), and information exchange. Key security rule: never store sensitive data in the payload — it is encoded, not encrypted.
glossary2 min read
JWT Explained
JWTs are tokens for authentication that carry data and a signature.
Try these tools
More glossary articles
What is WebP?
WebP is a modern image format by Google offering superior compression. Learn when and how to use WebP images.
What is HEIC?
HEIC is the default photo format on iPhones. Learn what it is, why Apple uses it, and how to convert it.
What is JSON?
JSON (JavaScript Object Notation) is the standard data format for web APIs. Learn the syntax and common uses.
What is Regex?
Regular expressions (regex) are patterns for matching text. Learn the basics and common use cases.