JSON Web Token (JWT)

Eintrag zuletzt aktualisiert am: 24.05.2021


JSON Web Token (JWT) ist ein IETF-Standard (https://datatracker.ietf.org/doc/html/rfc7519) für Zugriffstoken mit Claims in Webanwendungen. Das Format ist JSON-basiert.

" JSON Web Token (JWT) is a compact, URL-safe means of representing
claims to be transferred between two parties. The claims in a JWT
are encoded as a JSON object that is used as the payload of a JSON
Web Signature (JWS) structure or as the plaintext of a JSON Web
Encryption (JWE) structure, enabling the claims to be digitally
signed or integrity protected with a Message Authentication Code
(MAC) and/or encrypted."

https://datatracker.ietf.org/doc/html/rfc75