
Questions tagged [jwt]

JWT specifies JSON web tokens. It is defined in RFC 7519: JSON Web Token (JWT)

1 vote
2 answers
210 views

I have an embedded environment without access to entropy, trying to sign a message using RSA-SHA256 (JWT). Would it be insecure to ignore the entropy requirements forcefully, and sign without any &...
doggopwn
0 votes
2 answers
99 views

I came up with the following protocol to provide a life-time for JWT tokens while differentiating services to communicate securely with web services (service-to-service) using symmetric key signing ...
Adam Memisyazici
2 votes
2 answers
3k views

Given a private key using algorithm RSA-PSS with SHA256 is it possible to use this key to sign a JWT using algorithm RS256 (RSA with SHA256) instead of PS256 (RSA-PSS with SHA256)? The German ...
Basti
0 votes
0 answers
407 views

Which method will generate stronger secret? 64 character secret generated by nanoid (https://www.npmjs.com/package/nanoid) with characters: ...
wefad12292
2 votes
0 answers
698 views

I want to hash my signature of JWT using public & private key, since we are using ES-256 algorithm in JWT. But the problem is that I have both the keys in JSON & .PEM format, so how can I do ...
Amit Mishra
0 votes
1 answer
385 views

JSON Web Tokens (JWTs) (RFC, introduction) are digitally signed using a secret key (which can be symmetric, but for distributed use cases will typically be asymmetric). The signature forms the third ...
Anders Rabo Thorbeck
3 votes
1 answer
4k views

I would like to use JWT but one thing I'm still thinking is what is the best length for the secret? If I'm using HS512 as a signing method the secret should have a length of 512 bits as far as I ...
Clara Raquel
2 votes
1 answer
5k views

I'm a newbie that is studying about JWT using RS256 algorithm for signing and verification. I have drawn a diagram that represents my understanding of how RS256 works. Basically, below is what I ...
William Le
2 votes
0 answers
58 views

I am a beginner in terms of JWT libraries in programming. How the keypair used (secp256k1) is related with the algorithmic header used for creation of JWT? And why authfusion doesn't need an ...
Benjamin
0 votes
1 answer
1k views

I'm not sure I have a full understanding of JWT when it comes to the signature. The signature, as I get it, validates to the server that the header/payload that was transferred from the client is legit. ...
ProcolHarum
0 votes
1 answer
414 views

A JSON Web Token is supposed to have the following format: token = encodeBase64(header) + '.' + encodeBase64(payload) + '.' + encodeBase64(signature) When I use ...
Tom
0 votes
0 answers
560 views

I have implemented an authentication scheme using JWT with asymmetric keys (RS256). The idea is that (assuming some microservice-based architecture) the authentication service will sign all JWTs with ...
LlewellynS96
3 votes
1 answer
3k views

I have a RS256 JWT, I'd like to find out its public key. Because I know the header, payload and I have the encrypted signature, is there a way to obtain the public key that made the signature from ...
hmngwn
3 votes
1 answer
13k views

The following NodeJS code, when run (v16.8.0), logs 512 to stdout. ...
Otto
0 votes
0 answers
38 views

This might be a noob question, I've searched the web but couldn't find anything remotely close to what I would like to achieve. Maybe I don't have the correct jargon, so please bear with me. Basically,...
Papooch
