A JWT token is a signed, Base64URL-encoded token that contains user details, user authorization, and a few custom application-specific details.
An example JWT token is as follows:
eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMiwiY3VzdG9tIjoidmFsdWUifQ.AcXCIdAbFhpFM2w9LpB86aJKg3NMRWDXJmxO7v_eM22ZmVpT0A0W8NEntu4G2syp03L23h2Et46yir96eTBiog
This JWT token is an encoded value signed using a simple algorithm. We will look at how this token is created a little later.
A JWT token is a combination of three things:
- JWT payload
- JOSE header
- JWT signing and token creation
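The three parts can be seen by taking the example token apart. The following Python sketch is an added example, not code from the original page: it decodes the header and payload of the token above without any key, then signs and verifies the same claims with HS512. `DEMO_KEY` and the function names are assumptions made for illustration; the secret behind the page's token is not known.

```python
import base64, hashlib, hmac, json

# Token copied from the page; DEMO_KEY is a constructed value, not the page's secret.
PAGE_TOKEN = (
    "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9."
    "eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUs"
    "ImlhdCI6MTUxNjIzOTAyMiwiY3VzdG9tIjoidmFsdWUifQ."
    "AcXCIdAbFhpFM2w9LpB86aJKg3NMRWDXJmxO7v_eM22ZmVpT0A0W8NEntu4G2syp03L23h2Et46yir96eTBiog"
)
DEMO_KEY = b"constructed-demo-key-not-from-the-page"

def b64url_decode(seg: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def decode_unverified(token: str):
    """Split header.payload.signature and decode each part. No key is needed."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    header = json.loads(b64url_decode(parts[0]))
    payload = json.loads(b64url_decode(parts[1]))
    return header, payload, b64url_decode(parts[2])

def sign_hs512(header: dict, payload: dict, key: bytes) -> str:
    """Token creation: encode header and payload, then append the HMAC-SHA512."""
    signing_input = ".".join(
        b64url_encode(json.dumps(part, separators=(",", ":")).encode("utf-8"))
        for part in (header, payload))
    mac = hmac.new(key, signing_input.encode("ascii"), hashlib.sha512).digest()
    return signing_input + "." + b64url_encode(mac)

def verify_hs512(token: str, key: bytes) -> bool:
    """Claims are untrusted until the MAC over header.payload matches."""
    try:
        header, _, sig = decode_unverified(token)
    except ValueError:  # bad segment count, base64 or JSON
        return False
    if not isinstance(header, dict) or header.get("alg") != "HS512":
        return False  # pin the algorithm instead of trusting the header
    signing_input = token.rsplit(".", 1)[0].encode("ascii")
    expected = hmac.new(key, signing_input, hashlib.sha512).digest()
    return hmac.compare_digest(expected, sig)

if __name__ == "__main__":
    header, payload, sig = decode_unverified(PAGE_TOKEN)
    print(header, payload, len(sig))
    print(verify_hs512(sign_hs512(header, payload, DEMO_KEY), DEMO_KEY))
```

Because anyone holding the token can read its payload, secrets do not belong in the claims; the signature only protects them from modification.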