Wikinventia — Atlas of discoveries and inventions · Digital Age

Self-contained access token (JSON Web Token) — Mike Jones, John Bradley, and Nat Sakimura

2015 AD · Transmission: Global
ComputingSystemNorth American

In May 2015 the IETF publishes RFC 7519, defining JWT as the standard for compact, self-contained claims transferred as a signed JSON object. A JWT carries user identity and permissions encoded within itself (header, payload, signature), letting the receiving server verify authenticity via the issuer's public key with no external lookup, enabling stateless verification at any scale. It becomes the dominant token format of the modern web, underlying OIDC ID Tokens and inter-microservice authorization.

InstitutionIETF — Internet Engineering Task Force
Historical regionUSA
Primary sourceJones, M.; Bradley, J.; Sakimura, N. — RFC 7519 (IETF, May 2015)
Secondary sourceJones, M.; Bradley, J.; Sakimura, N. — RFC 7515: JWS (IETF, May 2015)
Original languageEnglish
View this entry in the interactive atlas → View in graph →