What is Json web token or JWT token


JWT or Json web token is used to authenticate the calls of application, it’s an open-source service and have been adopted by industry at large scale. It’s a kind of key or secret-code which we send along with our request. The server after seeing this secret key gets assured that the request is coming from an authentic source. During generation of a token, we first get this object: 
This token object contains the algorithm using which it is created, its type, it contains an Id, it also has an expiration date. But while sending it in response, we convert this object into a single long encrypted string which are connected to via 2 dots.  Please notice the dots.
This JWT token string contains information: a – Header – It tells about type of Token i.e. JWT + Algoright used b – Payload – It tells about the user for which it was created + the time till which it will work. c – Signature – It is made up of a secret key(string) which we provide + Header + Payload and then encrypted using an encryptor. The signature is used to verify the message wasn’t changed along the way.  To learn how to implement JWT authentication in ASP.net core application please go through our article – Low level: JWT auth implementation in Asp.Net Core C#

To know the kind of security it provides, you can see the image above 🙂


To understand the topic better we have already kept a JWT based project at our Github location. Please open this project side-by-side to understand the flow better. This project is a React + Redux + Asp.Net Core + JWT + MongoDb based ToDo application.

Read more from Asp.Net C#:

Natalie Harris
With references from Jon Skeet
Christopher Palmer
With references from Eric Nat
Christopher Palmer
With references from Peter Andrew
Natalie Harris
With references from Jon Skeet
Christopher Palmer
With references from Eric Nat

Leave a Reply

Your email address will not be published. Required fields are marked *