Subscribe to the Salt blog to learn about the latest developments in API Security

Blog Post

Technical

What Are JWTs And Are They Vulnerable To Attacks?

Chris WestphalChris Westphal
Aug 28, 2020

It’s time for episode number 5 of API Security With A Pinch Of Salt and in this episode Chris, Adam, and Ran talk about JSON Web Tokens (JWTs), an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.

Learn what it takes to secure APIs, how to evaluate API security offerings, and the capabilities needed to protect your business.

JWTs are commonly used for authorization in API applications because they’re lightweight, can be encrypted and can be digitally signed. As a simple example, a banking app might use JWTs to keep you from having to log in as you move between services like checking your balance, updating your investments and applying for a loan. Each of those services are likely different apps on the backend and being able to log in once, have the application issue a JWT for the session and use that JWT to authenticate you to each service will keep you from having to enter your user name and password again and again. JWTs are also commonly used with Single Sign On services for the very same reason.

We dig deeper into more of the details around JWTs, how they’re used for security in API applications, and if they’re vulnerable to attacks. Check out the video to see more.

If you’re interested in seeing the Salt Security API Protection Platform in action, contact us for a customized demo today!

Tags

Salt Security Blog

Sign up for the Salt Newsletter for the latest resources and blog posts.

October 15, 2024

Michael Callahan
Chief Marketing Officer

Industry

It's 2024 and the API Breaches Keep Coming

Learn about some major API security breaches from 2024 that underscore the critical importance of securing APIs effectively.

Read more

October 2, 2024

Roy Bar Yosef
Technical Product Manager

Technical

Harnessing the Power of eBPF for API Traffic Analysis with Salt Sensor 3.0

We are thrilled to announce the release of Salt Sensor 3.0.0, packed with exciting new features to enhance your ability to capture and analyze API traffic.

Read more

October 1, 2024

Eric Schwake
Head of Product Marketing

Technical

Seeing the Unseen: Salt Security and eBPF

As we observe Cybersecurity Awareness Month, it's important to emphasize the significance of advanced solutions that can detect hidden threats.

Read more

Download this guide for advice on evaluating key capabilities in API Security

Get the guide
Back