Course Outline

Introduction

  • Overview of JWT structure
  • JWT common use cases

JWT Validation

  • Symmetric token signature
  • Asymmetric token signature
  • Validating tokens
  • Validating claims

Stolen JWTs

  • Dealing with stolen JWTs
  • JWT storage
  • Invalidating JWTs

Managing a Cryptographic Key

  • Overview of secret keys
  • Embedding the public key
  • Embedding a URL containing the key

Hacking JWTs

  • Brute force approach
  • Modifying the algorithm RS256 to HS256
  • None algorithm approach

Summary and Next Steps

Requirements

  • Basic knowledge of web service

Audience

  • Developers
  7 Hours
 

Number of participants


Starts

Ends


Dates are subject to availability and take place between 09:30 and 16:30.
Open Training Courses require 5+ participants.

Testimonials (4)

Related Courses

Related Categories