JWT or JSON Web Tokens is an open standard for securely transmitting information between two parties. They are widely used for authentication and authorization.
Hey,I wanted to raise a point regarding the JWT authentication flow depicted in the GIF. The flow shown, termed "Implicit Flow" [1], is no longer recommended and is, in fact, considered deprecated. The preferred approach is the Authorization Code Grant [2], enhanced with the Proof Key for Code Exchange (PKCE) extension [3].
Hey,I wanted to raise a point regarding the JWT authentication flow depicted in the GIF. The flow shown, termed "Implicit Flow" [1], is no longer recommended and is, in fact, considered deprecated. The preferred approach is the Authorization Code Grant [2], enhanced with the Proof Key for Code Exchange (PKCE) extension [3].
[1] https://datatracker.ietf.org/doc/html/rfc6749#section-1.3.2
[2] https://datatracker.ietf.org/doc/html/rfc6749#section-1.3.1
[3] https://www.rfc-editor.org/rfc/rfc7636
Thank for your the feedback, Ben! We will update the gif.
You are supposed to follow cryptographic tradition and name Alice (for 'A') and Bob (for 'B'), not John!
gp
Yes, there’s not a lot of of us
Yes it is
Who created the animations for
JWT 101: Key to Stateless Authentication and How Digital Signatures Work?
So excited for the event and learning everything new, I put it on my Google calendar.