What to include in JWT token

What data should be include into the JWT token, and what should be avoided to ensure security? Currently, the token includes the username, role, iss, aud, and exp

1 Reply

Pobiega•4mo ago

unless you use encrypted tokens, only include non-sensitive stuff. treat it as plain text you should rarely need to include secret stuff thou, remember that as long as the JWT is signed, its essentially read-only anyways

C#Join

We are a programming server aimed at coders discussing everything related to C# (CSharp) and .NET.

52KMembers

View on Discord

Want results from more Discord servers?

Add your server

Avoid commit and push sensative infomationWhat are best practices for securely storing sensitive strings or secrets within a project to preven Am I using the right Windows App SDK? (1.4.1 (1.4.230913002))The Windows App SDK C# VS2022 extension says it is fully updated but the version is from September o ✅ Avalonia UI button doesn't color by hover!alls works great, but i doesnt change the color by ``Button:pointerover`` i have no plan why, ```xm .NET MAUI Grid Display?I've been trying to find an element to achieve this result but I can seem to find one. All my items Pulse Animation with certain keys (NEED HELP!)I have a class that will animate an image by growing it and then shrinking it however it only works Help ..

Gaming

Programming

What to include in JWT token