Bird
Raised Fist0

Find the bug in this JWT creation code:

medium📝 Debug Q7 of Q15
Rest API - Authentication and Authorization
Find the bug in this JWT creation code:
const jwt = require('jsonwebtoken');
const token = jwt.sign({ user: 'alice' }, 12345);
console.log(token);
AToken cannot be logged to console
BPayload must be a string, not an object
CMissing algorithm option in sign method
DSecret key should be a string, not a number
Step-by-Step Solution
Solution:

  1. Step 1: Check secret key type

    The secret key must be a string; here it is a number (12345), which is invalid.

  2. Step 2: Confirm payload and options

    Payload as object is correct; algorithm option is optional; logging token is allowed.

  3. Final Answer:

    Secret key should be a string, not a number -> Option D

  4. Quick Check:

    Secret key must be string [OK]
Quick Trick: Secret key must be string in jwt.sign [OK]
Common Mistakes:
MISTAKES
  • Using number as secret key
  • Thinking payload must be string
  • Believing algorithm option is mandatory

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Rest API Quizzes
Authentication and Authorization - Why API security is non-negotiable - Quiz 3easy Error Handling - Problem Details (RFC 7807) format - Quiz 12easy HATEOAS and Linking - Why hypermedia drives discoverability - Quiz 15hard Rate Limiting and Throttling - Retry-After header - Quiz 2easy Rate Limiting and Throttling - Sliding window algorithm - Quiz 8hard Rate Limiting and Throttling - Fixed window algorithm - Quiz 11easy Rate Limiting and Throttling - Graceful degradation - Quiz 2easy Versioning Strategies - Media type versioning - Quiz 15hard Versioning Strategies - Versioning best practices - Quiz 9hard Versioning Strategies - Header-based versioning - Quiz 7medium