There's a lot you have to think about when building frontend applications - routing, performance, animations, etc. Security often takes the back seat (not cool!)

Between cookies, tokens, keeping users authenticated, and handling resource access, security can become quite tricky

Let's look one of the popular methods of authorization: JWT(Json web tokens) and what makes it secure in the first place?

What is JWT?

JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.

You can read the research paper here:

RFC 7519 - JSON Web Token (JWT)

When should you use JSON Web Tokens?

• Authorization: This is the most common scenario for using JWT. Once the user is logged in, each subsequent request will include the JWT, allowing the user to access routes, services, and resources that are permitted with that token
• Information Exchange: JSON Web Tokens are a good way of securely transmitting information between parties. Because JWTs can be signed, using public/private key pairs - you can be sure the senders are who they say they are.