Thursday 11:50 a.m.–12:20 p.m.

JSON Web Tokens

José Padilla

Audience level:



When it comes to implementing authentication on web apps, one solution you’ll definitely hear about first are cookies. Cookie-based authentication uses a server side cookies to authenticate the user on every request. A solution you’ll probably not hear as often is token-based authentication which relies on a signed token that is sent to the server on each request.


  • What are JSON Web Tokens
  • JWT Spec
  • JavaScript Object Signing and Encryption
  • JSON Web Encryption
  • JSON Web Key
  • JSON Web Signature
  • JSON Web Algorithms
  • Why are JSON Web Tokens useful
  • JWT for Token-based Authentication
  • JWT for Single Sign On
  • JWT for Action Links
  • How does JWT work
  • Cookie vs Tokens approach for authentication
  • Using JWT with Django REST Framework for Authentication