#####   ######  #####    ###    #   #  ###  #   #  ######
##  ##  ##      ##  ##  ## ##   #   #   #   #   #  ##
#####   ####    #####   #   #   #   #   #   #   #  ####
##  #   ##      ##      ## ##    # #    #    # #   ##
##   #  ######  ##       ###      #    ###    #    ######

$ curl repovive.com/roadmaps/system-design-interview-prep/security-fundamentals/jwt-structure-and-claims

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░████████████████████████████████████████████████████████████████████████████████████████████████████████

#####   ######  #####    ###    #   #  ###  #   #  ######
##  ##  ##      ##  ##  ## ##   #   #   #   #   #  ##
#####   ####    #####   #   #   #   #   #   #   #  ####
##  #   ##      ##      ## ##    # #    #    # #   ##
##   #  ######  ##       ###      #    ###    #    ######

$ curl repovive.com/roadmaps/system-design-interview-prep/security-fundamentals/jwt-structure-and-claims

Repovive

JWT Structure and Claims - Security Fundamentals | System Design Interview Prep | Repovive

Repovive.

System Design Interview Prep22 sections · 691 units23h total

Open in Course

JWT Structure and Claims

Token anatomy

A JWT has three Base64-encoded parts separated by dots:

Header: Algorithm and token type

{"alg": "RS256", "typ": "JWT"}

Payload: Claims about the user

{"sub": "user123", "exp": 1234567890}

Signature: Verification hash

Standard claims include: sub (subject), exp (expiration), iat (issued at), iss (issuer), aud (audience). Never store sensitive data in JWTs. The payload is encoded, not encrypted. Anyone can decode and read it.