hard · Application · Q15 of Q15
Rest API - Authentication and Authorization
In a REST API, after a user logs in, the server issues a JWT. Which step correctly describes the flow for authenticating future requests using this JWT?
A. Client sends JWT in URL query; server ignores signature and trusts token
B. Client sends username and password with every request; server creates new JWT each time
C. Server stores JWT in database and checks it on each request
D. Client sends JWT in Authorization header; server verifies signature and extracts user info
Step-by-Step Solution
Solution:
  1. Step 1: Understand JWT usage in REST API

    After login, the server issues a JWT to the client so the client can prove its identity without resending credentials.
  2. Step 2: Identify correct authentication flow

    The client sends the JWT in the Authorization header; the server verifies the signature and extracts the user info to authenticate the request.
  3. Final Answer:

    Client sends JWT in Authorization header; server verifies signature and extracts user info -> Option D
  4. Quick Check:

    JWT sent in header and verified by server [OK]
Quick Trick: JWT goes in Authorization header, server verifies signature [OK]
Common Mistakes:
  • Sending credentials every request instead of JWT
  • Storing JWT server-side defeats statelessness
  • Ignoring signature verification risks security
