JWT token structure
Definition
A JWT (in its usual signed form, a JWS) is three Base64URL-encoded segments separated by dots: header.payload.signature. The header and payload are JSON objects; the signature is raw bytes computed over the first two segments. The header declares the signing algorithm, the payload carries claims, and the signature lets the verifier confirm the issuer and detect tampering. JWTs are NOT encrypted by default: anyone holding the token can decode the payload and read it. Use JWE if the claims must be confidential.
What it means
<strong>Header</strong>: <code>{"alg": "HS256", "typ": "JWT"}</code>. Common algorithm values: HS256 (HMAC with SHA-256, symmetric, one shared secret), RS256 (RSA signature with SHA-256, asymmetric, private key signs and public key verifies), ES256 (ECDSA on the P-256 curve with SHA-256, asymmetric, much smaller signatures than RSA).
<strong>Payload</strong>: claims about the subject. Registered claims (<code>iss</code> issuer, <code>sub</code> subject, <code>aud</code> audience, <code>exp</code> expiration, <code>iat</code> issued-at, <code>nbf</code> not-before) plus custom claims (user_id, role, etc.).
<strong>Signature</strong>: for HS256, <code>HMAC-SHA256(base64url(header) + "." + base64url(payload), secret)</code>, itself Base64URL-encoded as the third segment. Verifying an HS256 token means recomputing the HMAC with the same secret and comparing it to the third segment with a constant-time comparison; for RS256/ES256 the verifier checks the signature against the issuer's public key instead. A verifier should also reject tokens whose <code>exp</code> is in the past and whose <code>iss</code>/<code>aud</code> do not match what it expects.
<strong>Critical security note</strong>: the JWT payload is Base64URL-encoded, NOT encrypted. Anyone with the token can read the claims. Never put secrets (passwords, API keys) in a JWT payload. Use JWE (JSON Web Encryption) if you need confidentiality.
Why it matters
JWTs underpin much of modern authentication: OpenID Connect ID tokens are JWTs by specification, many OAuth 2.0 access tokens are JWTs (the spec also allows opaque tokens), and single-page apps and APIs commonly use them for stateless auth. Understanding the structure is essential for: debugging auth issues (decode the JWT to see what claims your token actually has), implementing JWT auth (avoid the common pitfalls), and security review (no secrets in the payload, signature validated, expiration and audience checked). The best-known JWT vulnerability is the ‘none’ algorithm: a verifier that honours the header’s <code>alg: "none"</code> accepts unsigned tokens, so anyone can mint arbitrary claims. The verifier, not the token, must decide which algorithm applies: pass the expected algorithm to the verification call and reject everything else.
Example
<code>eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjMiLCJleHAiOjE3MDAwMDAwMDB9.signature</code>. Decoded: header = <code>{"alg":"HS256"}</code>. Payload = <code>{"sub":"123","exp":1700000000}</code>. The third segment, shown here as the placeholder <code>signature</code>, would be the Base64URL encoding of the 32-byte HMAC-SHA256 of <code>header.payload</code> under the secret. Note that <code>exp</code> 1700000000 is 2023-11-14T22:13:20Z, so a correct verifier would reject this token as expired regardless of its signature.
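The following is an added example, not code from the original page, that builds exactly the token above with the standard library and then reads it back without the key, which is the point of the "not encrypted" warning. The secret value is a constructed placeholder.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo secret for this example only; never hard-code a real signing key.
SECRET = b"demo-secret-do-not-use"


def b64url_encode(data: bytes) -> str:
    """Base64URL without '=' padding, as JWS (RFC 7515) requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(segment: str) -> bytes:
    """Restore the padding that JWS strips, then decode."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def compact_json(obj: dict) -> bytes:
    # No whitespace and insertion-ordered keys, so the segments match the page's example byte for byte.
    return json.dumps(obj, separators=(",", ":")).encode("utf-8")


def sign_hs256(header: dict, payload: dict, secret: bytes) -> str:
    """Produce header.payload.signature: HMAC-SHA256 over the two encoded segments."""
    signing_input = b64url_encode(compact_json(header)) + "." + b64url_encode(compact_json(payload))
    sig = hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)


def decode_unverified(token: str) -> tuple:
    """Read header and claims WITHOUT the secret.

    Nothing here touches the key: any holder of the token can do this,
    which is why passwords or API keys must never be placed in the payload.
    """
    header_b64, payload_b64, _sig_b64 = token.split(".")
    return json.loads(b64url_decode(header_b64)), json.loads(b64url_decode(payload_b64))


if __name__ == "__main__":
    token = sign_hs256({"alg": "HS256"}, {"sub": "123", "exp": 1700000000}, SECRET)
    print(token)                     # first two segments are identical to the page's example
    print(decode_unverified(token))  # readable with no key at all
```

Only the third segment depends on the secret; the first two are a fixed function of the JSON, which is why the example token's header and payload segments are reproducible by anyone.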
Frequently asked questions
HS256 vs RS256 vs ES256?
HS256: symmetric, one secret shared by signer and verifier. Fastest, but every verifier holds the secret and can therefore also mint tokens, so it suits a single service verifying its own tokens. RS256: asymmetric, private key signs, public key verifies. Signing is slower and signatures are larger, but verifiers only need the public key, so parties who must not be able to sign can still verify (the usual model for identity providers). ES256: elliptic-curve (ECDSA P-256) signatures, much smaller than RSA, with the same asymmetric trust model as RS256.
Can I store sensitive data in JWT?
No — JWT payload is base64-encoded, NOT encrypted. Anyone with the token can read all claims. For sensitive data, encrypt the payload (JWE) or store sensitive data server-side and use JWT only for ID/reference.
What’s the ‘none’ algorithm vulnerability?
Some JWT libraries (or hand-rolled verifiers) accept tokens whose header says <code>alg: "none"</code> (unsigned), so an attacker can write any claims they like, drop the signature, and be accepted. Always pass an explicit list of accepted algorithms to your verification call: only the algorithm(s) your issuer actually uses, never ‘none’. Pinning the algorithm also closes the related confusion attack in which a token signed with HS256 is verified against an RSA public key treated as the HMAC secret.
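The following is an added example, not code from the original page, showing a verifier that trusts the header’s <code>alg</code> (and so accepts a forged <code>alg: "none"</code> token) next to a hardened verifier that pins the algorithm, compares the HMAC in constant time and enforces <code>exp</code>. The secret and the forged claims are constructed for the demonstration.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

SECRET = b"demo-secret-do-not-use"  # constructed demo key, not a real one


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def hs256(signing_input: str, secret: bytes) -> bytes:
    return hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()


def mint(header: dict, payload: dict, secret: bytes) -> str:
    """Issue a token; with alg=none the signature segment is empty, as an attacker would send it."""
    enc = lambda obj: b64url_encode(json.dumps(obj, separators=(",", ":")).encode("utf-8"))
    signing_input = enc(header) + "." + enc(payload)
    sig = b"" if header.get("alg") == "none" else hs256(signing_input, secret)
    return signing_input + "." + b64url_encode(sig)


def verify_vulnerable(token: str, secret: bytes) -> Optional[dict]:
    """Lets the token choose its own algorithm: 'none' bypasses the signature check entirely."""
    h, p, s = token.split(".")
    header = json.loads(b64url_decode(h))
    if header.get("alg") == "none":
        return json.loads(b64url_decode(p))          # accepted unsigned: forgery succeeds
    if header.get("alg") == "HS256" and b64url_decode(s) == hs256(h + "." + p, secret):
        return json.loads(b64url_decode(p))          # '==' is also not constant-time
    return None


def verify_hardened(token: str, secret: bytes, now: Optional[int] = None) -> Optional[dict]:
    """Verifier decides the algorithm, compares in constant time, enforces exp."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    h, p, s = parts
    header = json.loads(b64url_decode(h))
    if header.get("alg") != "HS256":                 # allowlist: 'none', RS256, anything else is rejected
        return None
    expected = hs256(h + "." + p, secret)
    if not hmac.compare_digest(b64url_decode(s), expected):
        return None
    claims = json.loads(b64url_decode(p))
    now = int(time.time()) if now is None else now
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        return None                                  # missing or past exp is a rejection, not a warning
    return claims


if __name__ == "__main__":
    forged = mint({"alg": "none"}, {"sub": "admin", "exp": 1900000000}, b"")
    print("vulnerable accepts forged:", verify_vulnerable(forged, SECRET))
    print("hardened accepts forged:", verify_hardened(forged, SECRET))
```

In production use a maintained JWT library and pass it the expected algorithm explicitly; the two functions above exist only to make the difference between "header picks the algorithm" and "verifier picks the algorithm" concrete.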
Related terms
- JWT: A JWT (JSON Web Token, pronounced 'jot') is a compact JSON token signed by an issuer. Three Base64URL-encoded parts joined with dots: header.payload.signature. Used for stateless auth, OIDC ID tokens, and signed messages between services.
- Base64 vs Base64URL: Standard Base64 (RFC 4648) uses A-Z, a-z, 0-9, +, / and = padding. Base64URL replaces + with - and / with _ for URL and filename safety, and JWTs additionally omit the = padding. Same encoding, different alphabet. JWTs, OAuth tokens and URL parameters use Base64URL; most other uses are standard Base64.