Too Long; Didn't Read
A JWT, or JSON Web Token, is a string/token issued by the server that asserts properties contained in its "payload" Its most common use case is for authentication (OAuth 2.0 + Open ID Connect) and session management. JWTs are digitally signed using either a secret (HMAC) or a public/private key pair (RSA or ECDSA) This safeguards them from being modified by the client or an attacker. As soon as the token expires, however, the JWT is invalid and the client must reauthenticate with your server.