Too Long; Didn't Read
Many modern web applications use JWTs (JWTs) for authentication. When things don't work, it can be tricky to work out why. This post aims to give you some tactics for understanding and correcting problems with JWT. It should be three sets of garbled-looking alphanumeric strings (technically, upper and lower case characters, numeric digits, `+` and `/` are permitted, with `=` used for padding), separated by dots. Sometimes the problem we think is the token is actually something completely different!