

Reverse-Engineering Belgium: De Lijn - Allstar
http://demey.io/reverse-engineering-belgium-de-lijn/

======
chmike
Where could I find a clear explanation of JWT use ? I found this document
([http://self-issued.info/docs/draft-ietf-oauth-json-web-
token...](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html))
that describes the JWT encoding. But it doesn't discribe how it is supposed to
be used. Where it is stored, how it authenticates a user, etc.

What makes it better than a cookie session ID ? I don't get it.

~~~
Allstar
Auth0 has a nice article about the differences here:
[https://auth0.com/blog/2014/01/07/angularjs-
authentication-w...](https://auth0.com/blog/2014/01/07/angularjs-
authentication-with-cookies-vs-token/)

And you can play around with it using their interactive tool:
[http://jwt.io](http://jwt.io)

