Many modern web applications, both client-side and server-side, use JSON Web Tokens (JWTs) for authentication, which is an excellent approach. However, when things don’t work, it can be tricky to work out why.
This post aims to give you some tactics for understanding and correcting problems with JWTs. If you’re just getting started, check out the documentation on working with JWTs and our APIs first.
Sometimes the problem is as simple as whether you even passed the right value into the right place, the equivalent of the “is it plugged in?” question.
So, add a little debugging to your code to output the JWT somewhere you can see, such as your error log or console.
Then look for the following:
+ and / are permitted, with = used for padding), separated by dots.
If the token passes visual inspection, then we need to get out some more specific tools.
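The visual inspection described above can also be scripted. This is an added example, not code from the original post: `inspectJwt`, `decodeSegment` and the sample token are hypothetical names and constructed data, and the whitespace and `Bearer ` prefix checks are assumptions about common ways the wrong value gets passed.

```javascript
// Structural check only (added example): the signature is NOT verified.
// Segment characters: URL-safe - and _, plus the +, / and = named in the text.
const SEGMENT = /^[A-Za-z0-9_\-+\/]+={0,2}$/;

function decodeSegment(segment) {
  // Map URL-safe characters to standard base64, then parse the JSON inside.
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

function inspectJwt(value) {
  if (typeof value !== 'string' || value.length === 0) {
    return { ok: false, problems: ['no token was passed'] };
  }
  const problems = [];
  if (value !== value.trim()) problems.push('leading or trailing whitespace');
  let token = value.trim();
  if (/^Bearer\s/i.test(token)) {
    problems.push('"Bearer " prefix is part of the value');
    token = token.replace(/^Bearer\s+/i, '');
  }
  const parts = token.split('.');
  if (parts.length !== 3) problems.push(`expected 3 segments, found ${parts.length}`);
  parts.forEach((part, i) => {
    if (!SEGMENT.test(part)) problems.push(`segment ${i + 1} is empty or has unexpected characters`);
  });
  const decoded = {};
  ['header', 'payload'].forEach((name, i) => {
    if (parts[i] === undefined) return;
    try {
      decoded[name] = decodeSegment(parts[i]);
    } catch (err) {
      problems.push(`${name} does not decode to JSON`);
    }
  });
  // A complete JWT is a usable credential, so log it without its signature.
  const redacted = parts.slice(0, 2).join('.') + '.<signature removed>';
  return { ok: problems.length === 0, problems, ...decoded, redacted };
}

// Constructed sample token: made-up claims and a fake signature.
const toB64Url = (s) => Buffer.from(s).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const sample = [
  toB64Url('{"alg":"HS256","typ":"JWT"}'),
  toB64Url('{"sub":"demo-user","iat":1700000000}'),
  'c2lnbmF0dXJl',
].join('.');
console.log(inspectJwt(sample));
```

Logging the `redacted` field instead of the raw token keeps the debugging output readable without leaving a replayable credential in the error log.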