alt Hacker NewsThey are!
But the systems that have been built around them are bad. Firstly in issuing these ‘root’ tokens at all, and secondly in not checking the claims properly.
A JWT is only as good as the systems it’s used by.
They are!
But the systems that have been built around them are bad. Firstly in issuing these ‘root’ tokens at all, and secondly in not checking the claims properly.
A JWT is only as good as the systems it’s used by.