JWT Based Authentication
Learn how to enable JWT based authentication for your RPC endpoints.
JWT is a great way to secure your endpoints as it allows you to verify the authenticity of the requestor. This is done by verifying the signature of the JWT token using the public key provided by the user.
The only thing to make sure of is that the private key is kept secure. If the private key is compromised, the attacker can generate their own JWT tokens and access your endpoints.
Important Considerations:
- The verification of authentication tokens is done using the
RS256
algorithm - Requests lacking an
authorization
header will be denied if JWT authentication is enabled - The
authorization
header should be in the formatBearer <token>
- The private key should be kept secure at all times