What's JWT?
JWT stands for JSON Web Token, and it's an open standard (RFC 7519) that offers a concise and self-contained mechanism for securely encoding and transmitting information between computers as JSON objects.
When developing GraphQL APIs, you'll almost always need to protect specific endpoints from public access: users must first be authenticated, and then authorized (allowed) to use the endpoint(s).
You can achieve that using JWTs. This is how authentication with JWTs works:
- When a user registers or signs in, the server builds a JWT that includes the user's identity and sends it to the client.
- The client must send that token back to the server with every request, so the server can verify the client's identity and determine whether the client is permitted to use the endpoint.
In contemporary web apps, where we have a JavaScript client app that has to interface with an API to query and save data...