Bird
0
0

What will happen if a JWT's signature does not match the header and payload during verification?

medium📝 Conceptual Q5 of 15
Rest API - Authentication and Authorization
What will happen if a JWT's signature does not match the header and payload during verification?
AThe payload is automatically refreshed
BThe token is accepted without verification
CThe token is considered invalid and rejected
DThe header is ignored but payload is accepted
Step-by-Step Solution
Solution:

  1. Step 1: Understand JWT signature role

    The signature ensures the token was not tampered with by verifying header and payload.

  2. Step 2: Consequence of signature mismatch

    If the signature does not match, the token is invalid and must be rejected for security.

  3. Final Answer:

    The token is considered invalid and rejected -> Option C

  4. Quick Check:

    Signature mismatch = Token rejected [OK]
Quick Trick: Invalid signature means reject token [OK]
Common Mistakes:
  • Accepting tokens without signature check
  • Assuming payload refresh on mismatch
  • Ignoring signature errors

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Rest API Quizzes
Authentication and Authorization - OAuth 2.0 overview - Quiz 11easy Error Handling - Human-readable error messages - Quiz 3easy Error Handling - Why consistent errors help developers - Quiz 6medium Error Handling - Problem Details (RFC 7807) format - Quiz 14medium Rate Limiting and Throttling - Per-user vs per-IP limits - Quiz 6medium Rate Limiting and Throttling - Graceful degradation - Quiz 9hard Rate Limiting and Throttling - Why rate limiting protects services - Quiz 6medium Rate Limiting and Throttling - Fixed window algorithm - Quiz 13medium Versioning Strategies - Why versioning prevents breaking changes - Quiz 12easy Versioning Strategies - Versioning best practices - Quiz 12easy