I asked a little question on the site about JWT , which is used to create access tokens through JSON.
I tried to implement JWT between two applications that use different versions of a library that generates JWT tokens.
Know version 0.4 and 0.5 of this library .
I was seeing that an error was being generated between these two applications, and the private key was the same and the claims were also usually recognized. But I noticed when I used JWT.IO that a result of the header type
was different.
When you put a given token (generated by version 0.4 of the library) this would appear in the HEADER section:
{
"alg": "HS256",
"typ": "JWS"
}
When I used the token generated by version 0.5 of the above library, this HEADER appeared:
{
"typ": "JWT",
"alg": "HS256"
}
So, I guess that's why I was not able to maintain JWT communication between the two applications, since each is implementing a typ
different.
I have some doubts:
- What is the difference between JWS and JWT?
- What would this
typ
be in a JWT Token Header?