I'm trying to use authentication using passport and jwt, and when I use user.toJSON() to create tokens it give me following error const User = require('../../..
I have encoded a token with JWT::encode($payload, $key, 'HS256'); When I am trying to decode it with the same key, it throws an error. Here is the code: <?p
I succesfully installed "JWT Authentication for WP REST API" and followed (and reviewed multiple times) the instructions for setup correctly. My React app does
I'm using symfony 3.4 with DoctrineMongoDBBundle and LexikJWTAuthenticationBundle . I'm trying to create a user login which return JWT token. If i specify the u
I want to pass a JWT token from a NodeJS service to another service in Java. However, based on the what I've tried, the token is always invalid whenever I try t
When I get some claims from a JWT Token to validate user authentication I get the following error: Illegal base64url character: ' ' Creating a JWT goes complet
I'm having a problem getting a user to be authorized. I'm making a web Api and in the controller where the login method is, it creates a token (JWT Token / Bear
I am currently working on a Go application. I receive a JWT token from the client side and I need to decode that token and obtain the relevant information: user
I am implementing JWT in one of my node apps. I am wondering, if there is any definite format/ structure in which a refresh token should be generated? By de
I have an app with React in the frontend and SpringBoot in the backend for the API, when I login with some user it saves the token in localStorage and you can m
I'm trying to connect to cloud function such as https://us-central1-<>.cloudfunctions.net from java, and I'm trying to generate the bearer token for this
I know that a JWT token contains a header section that is BASE64 encoded. Scenario: Decode the header Change the value of one of the parameters present in hea
I have been searching for an example I can understand of how to validate the signature of a JWT with the Go Language. This might be especially tricky since I am
I'm making a reddit clone for practice and when I run it I'm getting the following exception: java.lang.ClassCastException: class java.lang.String cannot be cas
I have a route in nuxt that has to be accessible only by logged in users: /dashboard/secret. In /dashboard page I have a link like this: <nuxt-link to="/dash
So I'm trying to follow the security best practices and I'm sending my JWT token over my React app in a only-secure http-only cookie. This works fine for requ
My problem is that I want to check if the login token is invalidated in the database (after changing password). However, the validate function in JWTStrategy on
For example I have following Bearer JWT in my header, what's a elegant way to extract the token itself? Basically anything after Bearer. Since this could be in
Auth0 provide extensive list of resources describing best practices for the authentication. Among them there's a constant stream of advice not to use localStora
My understanding (which may be incorrect) of Keycloak is that once an User has logged in and is authenticated, the access-token/JWT is then stored as a cookie i