What is a JWT (JSON Web Token) and why your REST API needs it


Hello everybody, I'm Nick, and today I will explain what a JWT (JSON Web Token) is and why your REST API needs it.

Don't forget to comment, like and subscribe :)

What is JSON Web Token, How JWT is created, Why is JWT used, Where JWT is used, What is JWT Payload, What is JWT Header.

#tutorial #jwt #auth
Comments

Love the whiteboard presentations Nick, really helpful and well explained.

Azukayoshi

Clear explanation and presentation, thank you

femus

Very clear and concise explanation. Thanks Nick, keep up the good work!

joancamilomina

I liked the whiteboard, thank you for the explanation of this concept. Very clear and simple. Also, very helpful to complement the tutorial series. Thanks a lot.

Gomide

Very clear explanation. I really love your work. Thank you Nick.

wanderingchestnut

Thanks for the explanation and comparison of JWT and cookie.

eniluck

Simple and straight to the point, thank you.

secretmind

That's a really good video. Nice work and keep doing videos!

caikhenrik

Doing a video on an implementation of this would also be great.
It would also be cool to see a video on the use of that auto mapper tool you've talked about a few times. Learning how to use that would save tons of time. Also, while I'm not sure how popular it would be on YouTube, showing some unit testing, especially of your posts service, would be a great help. Unit testing Entity Framework is annoying.

funkel

5:10 Since the header is in clear text, an attacker can change the header to forge a token. A malicious user may replace the hash key, inject a key and change alg; even none is a valid alg, which completely bypasses the validation.

Please do not trust the header, instead rely on the hash key used during creation of the token.

twiksify

Hi, Nick, thanks for the video.
I have a question:
With JWT, although we don't have to store session/state on each machine, we must store the secret along with a method that checks the token validity on each machine.
Having said that, is JWT better than session/state (for that specific aspect)?

yele

Please make a video on identity server

shashankpandey

Very helpful, can you please share a GitHub link for source code?

murunwascengy

Can we have a video on AD Authentication in Web API .NET Core?

InCircle

It still doesn't make any sense.
How is it different than sending a password? I mean if someone hacks my computer and copies the JWT, he/she can access my account on website?

MrTalhakamran

Using a cluster as a reason why JWT are even existing is wrong… Clusters are very easy way to handle that (shared session storage etc.), this video is misleading a lot of people by explaining a reason for JWT that is not really a good reason. (I’m not going to explain it but people should look at some resources, one of the main reasons is about distributed system and that cannot always authenticate you against the original system for instance, or having tickets with only a specific set of claims etc. but load balancing is def. NOT a reason why JWT exists, there are so many ways to handle that and it was there way before JWT)

livelaurent

'How to implement Google/Microsoft/Twitter... authentication?'

lucisaeterna