What Is a JWT?
A pass that proves it's you
A JWT is a 'pass' that shows you are really you after logging in. It has three parts.
What you'll learn from this poster
- What a JWT isRepresents login state / Three parts (split by .) / Header / payload / signature
- The payloadInfo like who and expiry / Anyone can read it (not encrypted) / Keep secrets out
- The signatureDetects tampering / Needs a key to make correctly / Lets you verify it's real
- Watch outVisible content: no secrets / Set an expiry / Avoid it being stolen
A JWT is a tamper-evident pass
Usage: Free to print and display for learning at school or home (no sign-up). High-resolution portrait PNG (1024×1536); A3 or larger is recommended. Please do not sell, use commercially, or redistribute modified versions.