What's the use of header part of JWT(https://jwt.io) ? I found that if you removed that header part of it? It doesn't lose its security.
If JWT contains only two part, payload and signature: yyyy.zzzz instead of xxxx.yyyy.zzzz. You can still use the algorithm to check if yyyy matches zzzz after hashing.
Aucun commentaire:
Enregistrer un commentaire