Demystifying JWT: Understanding JSON Web Tokens for Secure Authorization
The Question While working on our checkout service, I noticed that we used JWTs to authorize client side requests. Authorization as opposed to Authentication because these requests are made between services and the client is already authenticated (logged into the platform). A co-worker asked a question about how JWT works and that got me spiraling down the rabbit hole. I knew JWTs were used to tell the backend server that the request being made was made by a trusted party (ie....