Typically, using a JWT for REST API authentication involves two steps:
- Obtaining the token by providing the user details
- Sending the token along with the REST API requests
Typically, on the login page of a web application, we get the user credentials. We can send a POST request with the user credentials to the JWT authentication URL (for example, /auth), in order to receive a JWT token.
In all the subsequent REST API requests, the JWT token will be sent in the authorization header.