
Presented by:
Philippe Leothaud
CTO and Co-founder
JSON Web tokens (JWTs) are used massively in API-based applications as access tokens or to transport information across services. Unfortunately, JWT are often mis-used and incorrectly handled. Massive data breaches have occurred in the last 18 months due to token leakage and lack of proper of validation.
This session focuses on best practices and real-world examples of JWT usage, where we cover:
- Typical scenarios where using JWT is a good idea
- Typical scenarios where using JWT is a bad idea!
- Principles of Zero trust architecture and why you should always validate
- Best practices to thoroughly validate JWTs and potential vulnerabilities if you don’t.
- Use cases when encryption may be required for JWT
Webinar Follow-up
Hope you enjoyed the webinar! Below you can download the slide deck, visit our blog
for full Q&A and learn more about 42Crunch!

Are You Properly Using JSON Web Tokens Slide Deck
Download
Are You Properly Using JSON Web Tokens Q&A Blog
Read the Blog
42Crunch API Security
Platform Data Sheet
Free Tools: Check out our free API Security Tools that you can add to your IDE and CI/CD!
Resources
Want to learn more? Here are some resources to help you out.

Free Tools
Looking to make OpenAPI / Swagger editing easier? Or want to see how secure your API is? Check out our free tools.
Get the Tools!
API Security Top 10
Learn more about the OWASP API Security Top 10, how 42Crunch can help, and download our cheat sheet!
Learn More
Better Together
Already have API Management? Great! The 42Crunch API Security Platform is the perfect compliment. Get the data sheet.
DownloadReady to Get Started?
Developer-first solution for delivering API security as code.