JSON Web Tokens


We now have an endpoint for authenticating users, but it returns all of the user's information, which is inappropriate. What we really need to return is a token, called a JSON Web Token. What is a JSON Web Token? It is basically a string that identifies a user; you can think of it as the user's online passport. When the user logs in, the server verifies the email and password and returns a JSON Web Token as an identifier, which is stored in the user's browser for as long as the user is logged in. On every future request, the JSON Web Token is sent as proof that it is you, so you do not have to supply your email and password before each request to the server. You log in once, and until you log out, the token authorizes your future requests.
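
The login-then-token flow described above, as an added example that is not part of the original tutorial: a minimal HS256 JSON Web Token issuer and verifier using only Node's built-in crypto module. The HS256 algorithm, the `SECRET` value, the function names and the `sub`/`iat`/`exp` claims are assumptions made for illustration.

```javascript
// Added example (not the tutorial's code): issue and verify an HS256 JWT.
const { createHmac, timingSafeEqual } = require("node:crypto");

// Assumption: constructed demo value; a real app loads the key from configuration.
const SECRET = "constructed-demo-secret";

const b64url = (data) => Buffer.from(data).toString("base64url");
const hmac = (input, secret) => createHmac("sha256", secret).update(input).digest();

// Called after the server has verified the email and password.
// Only an identifier goes into the token, never the full user record.
function issueToken(userId, secret = SECRET, ttlSeconds = 3600, now = Date.now()) {
  const iat = Math.floor(now / 1000);
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const payload = b64url(JSON.stringify({ sub: userId, iat, exp: iat + ttlSeconds }));
  const signature = hmac(`${header}.${payload}`, secret).toString("base64url");
  return `${header}.${payload}.${signature}`;
}

// Called on every later request. Returns the claims, or null if the token is
// malformed, signed with a different key, uses another algorithm, or has expired.
function verifyToken(token, secret = SECRET, now = Date.now()) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [header, payload, signature] = parts;

  // Recompute the signature and compare in constant time before trusting any field.
  const expected = hmac(`${header}.${payload}`, secret);
  const given = Buffer.from(signature, "base64url");
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;

  try {
    const head = JSON.parse(Buffer.from(header, "base64url").toString("utf8"));
    if (head.alg !== "HS256") return null; // accept only the algorithm we issue
    const claims = JSON.parse(Buffer.from(payload, "base64url").toString("utf8"));
    const nowSeconds = Math.floor(now / 1000);
    if (typeof claims.exp !== "number" || claims.exp <= nowSeconds) return null;
    return claims;
  } catch {
    return null; // header or payload was not valid JSON
  }
}
```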

