The proper way to use JWTs for API Authorization on the web

The proper way to use JWTs for API Authorization on the web

Using JSON Web Tokens (JWTs) for API Authorization can have awesome benefits over the more traditional session-ids approach: stateless verification/authorization, cross-domain and being client-side readable, but using JWTs on the web can be contentious. There is a lot of concern (and a lot of FUD spread) about using JWTs in web apps, specifically about storing the JWT in localstorage, but luckily there is a better way...

62f2141dcdf915592cefb716aa0de708?s=128

Adam L Barrett

March 15, 2019
Tweet