Y
Hacker News
new
|
ask
|
show
|
jobs
by
nmgsd
2726 days ago
You can't forge a JWT without stealing the private key of the valid JWT signer.
You can steal a JWT token the same way you can steal a session token.