My FeedDiscussionsHeadless CMS
Sign in
Log inSign up
Learn more about Hashnode Headless CMSHashnode Headless CMS
Collaborate seamlessly with Hashnode Headless CMS for Enterprise.
Upgrade ✨Learn more

Why JWT token?

József Pallagi's photo
József Pallagi
·Jul 23, 2020·

1 min read

I'm planning to create a web application. For authentication, I want to use JWT token.

I have read everyone that is safe, but I don't understand why.

Let's say the user login and the server sends back the token. The user wants to see his/ her orders (its a webshop), so the frontend sends a query like<TOKEN>&orderBy="userId"&equalTo=<USER_ID>

As the user can see the token in the console network tab He or she can make a query like<TOKEN>

with this, he can see everyone's orders and even can manipulate this data.