Reading time : 1 minute
In today’s world , security is the prime priority.
Throughout the evolution of computers, security also evolved from simple password based authentication to multi factor based authentication, from simple text encryption to two key encryption. The latest in this evolution is JWT (JSON Web Tokens), which handles secure message passing between two clients / parties.
Why we need JWT ?
In a normal token based authentication, a token is granted for a authenticated user. All the subsequent service calls uses this token and identifies the user. The identification process takes place at server where this token is validated against a token store data. Same is the case for a SAML authentication. The idea of JWT is to make this token self contained with out loosing the compact nature. So the identity will also lies with in the token . This will reduce the time to look up in the token store and also makes the program code straight forward.