What is JWT?
Source: Dev.to
JWT (JSON Web Token) is a token (like a small digital key) that the backend creates after a user logs in. It tells the server: “Yes, this user is already logged in.” We can think of JWT like an ID card or an entry pass.
Why use JWT?
- Without JWT: you’d have to send your password every time — unsafe and slow.
- With JWT: login once, get a token, and send it with every request. The server checks it and allows access.
JWT structure
JWT is made of three parts:
- Header: token type & algorithm
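- Payload: user info (never store passwords; the payload is only encoded, not encrypted, so anyone holding the token can read it)
- Signature: computed from the header and payload with a secret key; it proves the token is real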
How it works
- User logs in → server creates JWT.
- Token sent to frontend → stored (usually in localStorage).
- User makes requests → token sent in headers.
- Server checks token → allows or denies access.
