JWT Structure

 


The token is composed of three parts, separated by dots:

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6Im9wZW5zb3VyY2VqZWdhbkBnbWFpbC5jb20iLCJyb2xlcyI6WyJ1c2VyIl0sImV4cCI6MTczMzU3MzA2MX0.nxBknSlySJ0JQIFg5BpmnZhZV6VZ0Mshu7opFFgPLSc

1. First Part (Header):

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9
  • When decoded (Base64URL, the URL-safe Base64 variant without padding), it reveals:
{
  "typ": "JWT",
  "alg": "HS256"
}
  • typ: Type of token (JSON Web Token)
  • alg: Algorithm used (HMAC SHA256)

2. Second Part (Payload):

eyJ1c2VybmFtZSI6Im9wZW5zb3VyY2VqZWdhbkBnbWFpbC5jb20iLCJyb2xlcyI6WyJ1c2VyIl0sImV4cCI6MTczMzU3MzA2MX0
  • When decoded, it reveals:
{
  "username": "opensourcejegan@gmail.com",
  "roles": ["user"],
  "exp": 1733573061
}
  • username: User's email
  • roles: User's roles (in this case, "user")
  • exp: Expiration timestamp (Unix timestamp)

3. Third Part (Signature):

nxBknSlySJ0JQIFg5BpmnZhZV6VZ0Mshu7opFFgPLSc
  • Created by signing the encoded header and payload with a secret key
  • Ensures the token hasn't been tampered with
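
The three parts above, handled in code. This is an added example, not code from the original post: it decodes the token shown on this page (no key is needed to read the header and payload) and verifies an HS256 signature on a constructed token. The function names, the key and the sample claims are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

def b64url_decode(part: str) -> bytes:
    # JWT segments are Base64URL without '=' padding; restore it before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def split_jwt(token: str):
    """Return (header, payload, signing_input, signature) WITHOUT verifying anything."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    header = json.loads(b64url_decode(parts[0]))
    payload = json.loads(b64url_decode(parts[1]))
    signing_input = f"{parts[0]}.{parts[1]}".encode("ascii")
    return header, payload, signing_input, b64url_decode(parts[2])

def sign_hs256(header: dict, payload: dict, key: bytes) -> str:
    signing_input = ".".join(b64url_encode(json.dumps(o, separators=(",", ":")).encode()) for o in (header, payload))
    mac = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return f"{signing_input}.{b64url_encode(mac)}"

def verify_hs256(token: str, key: bytes, now=None) -> dict:
    """Return the payload only if the signature and exp both check out."""
    header, payload, signing_input, signature = split_jwt(token)
    # Pin the algorithm on the verifier; never let the token's header choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):  # constant-time comparison
        raise ValueError("bad signature")
    # Policy choice in this example: a token with no exp is treated as expired.
    if payload.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("token expired")
    return payload

# The token from this page; its signing key is not on the page, so it is only decoded.
PAGE_TOKEN = ("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9."
    "eyJ1c2VybmFtZSI6Im9wZW5zb3VyY2VqZWdhbkBnbWFpbC5jb20iLCJyb2xlcyI6WyJ1c2VyIl0sImV4cCI6MTczMzU3MzA2MX0."
    "nxBknSlySJ0JQIFg5BpmnZhZV6VZ0Mshu7opFFgPLSc")

if __name__ == "__main__":
    print(split_jwt(PAGE_TOKEN)[:2])          # header and payload, readable by anyone
    key = b"constructed-demo-key"             # constructed key, for illustration only
    tok = sign_hs256({"typ": "JWT", "alg": "HS256"}, {"roles": ["user"], "exp": 2000}, key)
    print(verify_hs256(tok, key, now=1000))   # accepted: signature matches, not expired
```

Because the payload is only encoded, not encrypted, nothing secret belongs in it; the signature check is what makes the claims trustworthy.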
