gptkbp:instanceOf
|
crypt
|
gptkbp:canBe
|
stateless
unencrypted
long-lived
short-lived
self-contained
encrypted (JWE)
refreshed
revoked by blacklist
|
gptkbp:canBeSignedWith
|
gptkb:RSA
gptkb:HMAC
gptkb:ECDSA
|
gptkbp:category
|
gptkb:security
gptkb:website
cryptography
|
gptkbp:contains
|
header
signature
payload
|
gptkbp:definedIn
|
gptkb:RFC_7519
|
gptkbp:firstPublished
|
2015
|
gptkbp:format
|
gptkb:JSON
|
gptkbp:headerContains
|
gptkb:algorithm
token type
|
https://www.w3.org/2000/01/rdf-schema#label
|
JWT
|
gptkbp:payloadContains
|
Thread
audience
claims
JWT ID
expiration time
issued at
issuer
|
gptkbp:relatedTo
|
gptkb:JWE
gptkb:JWS
|
gptkbp:signaturePurpose
|
integrity
authenticity
|
gptkbp:standardizedBy
|
gptkb:IETF
|
gptkbp:standsFor
|
gptkb:JSON_Web_Token
|
gptkbp:transmittedBy
|
URL-safe string
|
gptkbp:usedBy
|
gptkb:Amazon
gptkb:Facebook
gptkb:Google
gptkb:Microsoft
|
gptkbp:usedFor
|
gptkb:government_agency
authentication
stateless authentication
|
gptkbp:usedIn
|
gptkb:OAuth_2.0
gptkb:OpenID_Connect
web applications
APIs
mobile applications
|
gptkbp:vulnerableTo
|
token theft if not secured
|
gptkbp:bfsParent
|
gptkb:REST_API
gptkb:REST_APIs
|
gptkbp:bfsLayer
|
4
|