18,448 questions
Best practices
0
votes
4
replies
99
views
for a unified "Sync or Create" endpoint, should I use GET or POST?
I'm building an MMORPG where the backend returns a JWT after successful authentication.
POST /api/auth/register
POST /api/auth/login
The /api/hero endpoint returns hero information when a valid JWT is ...
Score of 1
0 answers
106 views
How to correctly compare two encoded jwt refresh tokens
I using jwt in fastpai app, and when I create access and refresh tokens on user login I also create user session for specific user id in database, so as I understood I need to encrypt refresh token ...
Advice
0
votes
0
replies
38
views
Jwt auth (access and refresh token) in next js with tRPC: not able to sync the client side and the server side ( access token and the user object)
I was working on a NextJs project with separate express backend, in which i used clerk before but since its a platform for a university and due to changings in the onboarding process i decided to move ...
Score of 2
1 answer
66 views
Securely storing error messages displayed to the application user in a database
Ultimately, I'd like to reduce the redundancy of identical error messages and even prevent potential DDoS attacks. I've developed the following method in the Spring Boot application. The goal is for ...
Score of -1
1 answer
70 views
How to access HTTP request headers (JWT) in a Ballerina MCP service for tool calls?
I am building an MCP (Model Context Protocol) server using Ballerina and exposing tools for an AI agent. I need to fetch user-specific data from a JWT (passed in the Authorization header of the HTTP ...
Score of 0
1 answer
149 views
JWT validation in wso2
We are trying to implement validation for an external JWT token. According to the docs we can use this simple method to achieve this by verifying the signing key with the jwks endpoint from the token ...
Score of 0
0 answers
77 views
Epic FHIR OAuth2 `client_credentials` with JWT returns `invalid_client` — what am I doing wrong?
I'm trying to obtain an access token from Epic's FHIR OAuth2 endpoint using the client_credentials grant with a signed JWT (client_assertion). I keep getting:
{
"error": "...
Tooling
0
votes
1
replies
148
views
How do I create an authentication feature with FastAPI and React?
How do I create an authentication feature with FastAPI and React? What tools can I use for this? Is using FastAPI-Users sufficient? Or are there other similar libraries? I also found a note in the ...
Advice
2
votes
1
replies
57
views
How is JWT more scalable than Session data
I have watched Session Vs JWT: The Differences You May Not Know! video and there is a notion of the fact that using JWT gives us better scalability because of the fact that we don't have to use ...
Score of 0
0 answers
150 views
I've made a JWT service and I yet have to solve the authorization issue with my attendance controller in the Web API layer what's the solution?
I'm working on an ASP.NET Core Web API with JWT authentication. I generate a token that includes a custom claim EmployeeId, and I try to read it inside my controller, but it is always returned as null ...
Best practices
0
votes
0
replies
48
views
Third party JWT or self-derived JWT
I'm using a third party identity provider for authentication towards my own services.
After an user finishes authentication, my IdP returns an JWT access token. The question is: What is the better ...
Score of -1
1 answer
93 views
Authorize filter attribute is returning signing key error, whereas it is 100% correct
I'm configuring authorization in my ASP.NET Core 8 project, and I get this error while testing JWT token auth via Swagger:
content-length: 0 date: Sun,12 Apr 2026 01:37:08 GMT server: Kestrel www-...
Advice
1
vote
0
replies
64
views
Jwt Authentication using access token and refresh token problem
My question is if we are using JWT auth for authentication, then where should i put my access token for calling APIs quickly so that my application feels fast as compare to other and also there is one ...
Score of 2
2 answers
136 views
Spring Security JWT user becoming null
I'm implementing authentication using Spring Security with JWT.
My login and register endpoints were working correctly before adding JWT. However, after implementing JWT and adding the security filter,...
Best practices
0
votes
0
replies
89
views
Recommended architecture for ASP.NET backend with JWT auth and Next.js SSR frontend (future mobile/desktop clients)?
I’m building a system with an ASP.NET backend that uses JWT-based authentication and a Next.js frontend with server-side rendering (SSR).
Currently:
Backend: ASP.NET (JWT auth)
Frontend: Next.js (...