
JWT integration in GraphQL - Cheat Sheet & Quick Revision

Recall & Review
beginner
What does JWT stand for and what is its main purpose?
JWT stands for JSON Web Token. Its main purpose is to securely transmit information between parties as a JSON object, often used for authentication.
beginner
How is a JWT typically structured?
A JWT has three parts separated by dots: Header, Payload, and Signature. The Header describes the token type and algorithm, the Payload contains claims, and the Signature verifies the token's integrity.
beginner
In GraphQL, where is the JWT usually sent from the client to the server?
The JWT is usually sent in the HTTP Authorization header as a Bearer token when making GraphQL requests.
intermediate
What is the role of the JWT signature in integration?
The signature ensures the token was not altered and verifies the sender's identity by using a secret or public/private key pair.
intermediate
How can you verify a JWT in a GraphQL server resolver?
You decode the JWT from the Authorization header, verify its signature and expiration, then use the decoded data (like user ID) to control access or fetch user info.
What part of a JWT contains the user information or claims?
A. Payload
B. Header
C. Signature
D. Token type
How is a JWT usually sent in a GraphQL request?
A. In the HTTP Authorization header
B. In the query string
C. As a cookie only
D. In the response body
What does the JWT signature protect against?
A. Token expiration
B. Token size limits
C. Token encoding
D. Token tampering
Which algorithm is commonly used to sign JWTs?
A. SHA-256
B. RSA or HMAC
C. MD5
D. AES
What should a GraphQL server do if a JWT is expired?
A. Accept the token anyway
B. Refresh the token automatically
C. Reject the request and ask for re-authentication
D. Ignore expiration and continue
Explain how JWT integration works in a GraphQL API from client request to server verification.
Think about the steps from sending the token to checking it on the server.
Describe the structure of a JWT and the role of each part in security.
Consider how each part helps keep the token safe and trustworthy.