From the course: Microservices Security Workshop: From Build to Production
JWT crash course
- [Instructor] At this point, you may be thinking, how are we going to talk even more about JWTs? I feel like we've been obsessed with them. Well, in a lot of ways we have, because they really define a lot of microservice security. In this course, we're going to talk more about the high-level vision of what a JWT is and how to implement them securely. First, JWT stands for JSON Web Token. It's a compact, URL-safe way of representing claims between two parties. In most microservice applications, JWTs are used as bearer tokens passed along with requests to prove that the user making the request is authenticated. These tokens are signed using a secret or private key so that the receiving service can verify their authenticity without needing to call back to the original authentication service. This is especially useful when you've got a bunch of services talking to each other and you don't want everything to rely on a single shared session store. In a typical flow, a user logs in and the…