Understanding JWT tokens with Hasura
Blog post from Nhost
A JWT (JSON Web Token) is a string that carries user information such as user ID and roles, which is used to authorize GraphQL requests to Hasura. This token is sent in the Authorization header, prefixed with "Bearer," ensuring that Hasura can identify the user and enforce data access permissions. JWT tokens are created by an authentication server, which verifies user credentials and signs the token with a secret key shared with Hasura, ensuring the token's integrity. Key session variables like x-hasura-user-id, x-hasura-allowed-roles, and x-hasura-default-role are integral to JWT tokens for resolving user permissions. Tokens have an expiration time and are stored temporarily in the client's browser memory; they can be refreshed using a refresh token, which is linked to a user in the database and facilitates obtaining a new JWT token without re-authenticating. Hasura Backend Plus is a compatible authentication server for generating these tokens, and the nhost-js-sdk is used for automatic management of token storage and refresh processes.
No tracked trend matches for this post yet.
Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.