Sending JWT token in the headers with Postman

express jwt postman
Diode Dan picture Diode Dan · Jul 12, 2014 · Viewed 225.5k times · Source

I'm testing an implementation of JWT Token based security based off the following article. I have successfully received a token from the test server. I can't figure out how to have the Chrome POSTMAN REST Client program send the token in the header.

postman screenshot

My questions are as follows:

1) Am I using the right header name and/or POSTMAN interface?

2) Do I need to base 64 encode the token? I thought I could just send the token back.

Answer

Mick Cullen picture Mick Cullen · Jul 12, 2014

For the request Header name just use Authorization. Place Bearer before the Token. I just tried it out and it works for me.

Authorization: Bearer TOKEN_STRING

Each part of the JWT is a base64url encoded value.

Related questions

jwt check if token expired

I've configured the token like this: jwt.sign( { user: pick(user, ['_id', 'username']) }, secret, { expiresIn: '2m' } ); But when I want to check if the token was expired, this code doesn't work function isAuthenticated() { const token = localStorage.getItem('token'); …

Read More
How to send a token with an AJAX request from jQuery

I use express-jwt and create my token via jQuery and save it in my localStorage with: $.ajax({ url: "http://localhost:8080/login", type: 'POST', data: formData, error : function(err) { console.log('Error!', err) }, success: function(data) { console.log('Success!') …

Read More
How to use jti claim in a JWT

The JWT spec mentions a jti claim which allegedly can be used as a nonce to prevent replay attacks: The "jti" (JWT ID) claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner …

Read More