Security cheat sheet

JSON Web Tokens (JWT)


JSON Web Tokens (JWTs) have become extremely popular. JWTs seem deceivingly simple. However, to ensure their security properties, they depend on complex and often misunderstood concepts. This cheat sheet focuses on the underlying concepts. The cheat sheet covers essential knowledge for every developer producing or consuming JWTs.

When subscribing, you can choose to only receive cheat sheet updates, and nothing else. If you prefer to just download the cheat sheet, you can do that here.

This security cheat sheet is created by Pragmatic Web Security.
Check out our other cheat sheets on modern web security best practices.