JSON Web Tokens (JWT) for Drupal Core

Submitted by dryer on Mon, 06/13/2016 - 18:58
JSON Web Token Logo

JWT (JSON Web Token) is a contemporary authentication method that is gaining popularity. Instead of sending back and forth cookies with each request, the JWT token is stored by the client and then sent to the server on each request.

Once the server receives the request with a token in the headers, then it is validated and the server then acts depending on if the user is considered valid or not. This is very commonly needed when working with a decoupled setup using GraphQL or RESTful APIs with rich front ends built with technologies such as Angular or React.js.

This JSON Web Tokens are already supported by third party modules, but some of them are a bit lacking in quality and thus for such core functionality JWT should be included in the future versions of the Drupal Core package.