JSON Web Tokens (JWT) Training Course

Overview

JSON Web Token (JWT) is an open standard for sharing security information between a client and a server.

This instructor-led, live training (online or onsite) is aimed at developers who wish to use JWT to transmit information between different parties as a JSON object.

By the end of this training, participants will be able to:

  • Understand the JWT structure and use cases.
  • Validate and invalidate JWTs.
  • Manage cryptographic keys.

Format of the Course

  • Interactive lecture and discussion.
  • Lots of exercises and practice.
  • Hands-on implementation in a live-lab environment.

Course Customization Options

  • To request a customized training for this course, please contact us to arrange.

Requirements

  • Basic knowledge of web services

Audience

  • Developers

Course Outline

Introduction

  • Overview of JWT structure
  • JWT common use cases

JWT Validation

  • Symmetric token signature
  • Asymmetric token signature
  • Validating tokens
  • Validating claims

Stolen JWTs

  • Dealing with stolen JWTs
  • JWT storage
  • Invalidating JWTs

Managing a Cryptographic Key

  • Overview of secret keys
  • Embedding the public key
  • Embedding a URL containing the key

Hacking JWTs

  • Brute force approach
  • Modifying the algorithm from RS256 to HS256
  • None algorithm approach

Summary and Next Steps
