Y
Hacker News
new
|
ask
|
show
|
jobs
by
pfg
3078 days ago
It's generally a good idea to avoid JWT. There are a lot of foot-guns in JWT, and many implementations have gotten it wrong in the past. This[1] is a good summary on the topic.
[1]:
https://paragonie.com/blog/2017/03/jwt-json-web-tokens-is-ba...