Why Is Cloud Security So Hard? (Hint: It’s Not)
Securing a new environment without knowing the rules of the road can be hard. Take the time to learn the rules and avoid speedbumps.
After doing some research on JWT Security and Best Practices, I made a collection of the best resources and readings.
I was doing a ton of research and reading on JWT token security and found a bunch of references that were useful (and many that were not!). Here they are, maybe they will help you too:
This was the best complete guide all in one place… #11 is my favorite!
Auth0 also has some excellent resources as well, here is one:
Here are some others:
They say they do everything client-side, but I’d be scared to put any real tokens in here…
There was also this really cool presentation made by OWASP about it.
And if you want to try at cracking some JWTs…
If you find any additional resources, please drop me an email.