We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Let's talk about JWT

0
 Cite
 Share
 Download
Logo of EuroPythonEuroPython
 Temporal, Jessica

Formal Metadata

Title
Let's talk about JWT
Title of Series
Number of Parts
112
Author
License
CC Attribution - NonCommercial - ShareAlike 4.0 International:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
[Wicklow Hall 1 on 2022-07-14] JSON Web tokens dominated the way we give access to APIs and how we carry data from users, but to use JWTs safely we need to understand how they came to life and how JWTs can be useful. In this talk we will take a closer look at the famous three-part structure that forms a JSON Web Token, and the claims each JWT can carry. But knowing it’s history and structure is not enough, we need also to understand the algorithms used in creating a token and how you can use JWTs as access tokens or as ID tokens. After understanding JWTs on a deeper level, we will create and validate a JWT together using the PyJWT library and discuss things you should avoid doing to be safer when using JWTs in your projects. 1. How did JWT come to life? Talk about the JOSE specification; 2. What actually is a JSON Web Token and its structure: header, payload, and signature; 3. What is a claim and its standardization efforts; 4. The different types of algorithms that can be used to create JWTs and what is JWKs; 5. Let's create a token together using PyJWT; 6. What is an access token and an ID token; 7. Things to avoid to be safer with JWTs