Using JWT along with OpenID and OAuth 2.0

JWT stands for JSON Web Token, a token that carries information related to a particular call. A JWT is issued for both authentication and authorization: from a valid JWT, we can easily identify who the user is and what they can do. Before looking at the structure of a JWT, let's get familiar with two other terms: OpenID and OAuth. Nowadays, OAuth 2.0 and OpenID Connect are seen as an alternative to Security Assertion Markup Language (SAML) for communicating identities and information about a user to identity providers and service or resource providers. OpenID is used more for authentication, and OAuth more for authorization. The following section gives more details about these two terms.
