Authorization/Authentication
- What header(s) are used in authentication and authorization
The
req.headers.authenticationheader is for authentication and thereq.headers.authorizationheader is for authorization.
- What is safe to put into a JWT Mostly anything, as it’s quite safe.
- How are JWTs validated
By a secret key at the end of the token, which we then compare to our secret key, and that decides if it’s valid or not.