Menu
I am using JWT token to authorize my APIs, during implementation I found header and payload in token always start with eyJ. What does this indicate?
370
In fact, they might look like random strings of characters, but they're actually base64 encoded JSON objects (tip: you may notice that all JWTs start with an “ey” … that's because “ey” is the start of any base64 encoded string that begins with the {" character sequence (… as all JSON object do).
Header. The header typically consists of two parts: the type of the token, which is JWT, and the algorithm that is used, such as HMAC SHA256 or RSA SHA256. It is Base64Url encoded to form the first part of the JWT. Payload. The payload contains the claims.
JWT Structure. A JWS (the most common type of JWT) contains three parts separated by a dot ( . ). The first two parts (the "header" and "payload") are Base64-URL encoded JSON, and the third is a cryptographic signature.
JWTs consist of base64url encoded JSON, and a JSON structure just starts with {"..., which becomes ey...when encoded with a base64 encoder.
The JWT header starts with {"alg":..., which then becomes eyJ...
You can try on this online encoder and enter {"alg" and click on encode. The result will be eyJhbGciPSA=
138
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
