Bird
Raised Fist0
IOT Protocolsdevops~10 mins

Token-based authentication (JWT) in IOT Protocols - Interactive Code Practice

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Practice - 5 Tasks
Answer the questions below
1fill in blank
easy

Complete the code to decode a JWT token using a secret key.

IOT Protocols
decoded = jwt.decode(token, [1], algorithms=["HS256"])
Drag options to blanks, or click blank then click option'
Apublic_key
Bauth_key
Ctoken_key
Dsecret_key
Attempts:
3 left
💡 Hint
Common Mistakes
Using a public key instead of the secret key.
Using the token itself as the key.
2fill in blank
medium

Complete the code to create a JWT token with a payload and secret.

IOT Protocols
token = jwt.encode({"user_id": 123}, [1], algorithm="HS256")
Drag options to blanks, or click blank then click option'
Apublic_key
Bjwt_token
Csecret_key
Dauth_token
Attempts:
3 left
💡 Hint
Common Mistakes
Using a public key or token variable instead of the secret key.
3fill in blank
hard

Fix the error in the code to verify the JWT token expiration.

IOT Protocols
payload = jwt.decode(token, secret, algorithms=["HS256"], options=[1])
Drag options to blanks, or click blank then click option'
A{"verify_exp": True}
B{"verify_exp": False}
C{"check_exp": True}
D{"validate_exp": False}
Attempts:
3 left
💡 Hint
Common Mistakes
Using incorrect option keys or disabling expiration verification.
4fill in blank
hard

Fill both blanks to create a JWT token with an expiration time of 1 hour.

IOT Protocols
payload = {"user": "iot_device", "exp": datetime.datetime.utcnow() [1] datetime.timedelta([2]=1)}
token = jwt.encode(payload, secret, algorithm="HS256")
Drag options to blanks, or click blank then click option'
A+
B-
Chours
Dminutes
Attempts:
3 left
💡 Hint
Common Mistakes
Using '-' instead of '+', or using 'minutes' instead of 'hours'.
5fill in blank
hard

Fill all three blanks to extract the user ID from a decoded JWT payload safely.

IOT Protocols
user_id = payload.get([1], [2]) if payload and payload.get([3]) else None
Drag options to blanks, or click blank then click option'
A"user_id"
BNone
D"id"
Attempts:
3 left
💡 Hint
Common Mistakes
Using wrong keys or not providing a default value.

Practice

(1/5)
1. What is the main purpose of a JWT (JSON Web Token) in IoT device communication?
easy
A. To store large files securely on the device
B. To encrypt all data sent between devices
C. To prove the device's identity without sending passwords repeatedly
D. To replace the device's IP address

Solution

  1. Step 1: Understand JWT role in authentication

    JWT tokens are used to prove identity securely without resending passwords each time.

  2. Step 2: Compare options with JWT purpose

    Only To prove the device's identity without sending passwords repeatedly matches this purpose; others describe unrelated functions.

  3. Final Answer:

    To prove the device's identity without sending passwords repeatedly -> Option C

  4. Quick Check:

    JWT = Identity proof without password [OK]
Hint: JWTs prove identity without passwords [OK]
Common Mistakes:
  • Thinking JWT encrypts all data
  • Confusing JWT with file storage
  • Assuming JWT replaces IP addresses
2. Which of the following is the correct structure of a JWT token?
easy
A. header.payload.signature
B. payload.header.signature
C. signature.payload.header
D. header.signature.payload

Solution

  1. Step 1: Recall JWT token parts order

    A JWT consists of three parts separated by dots: header, payload, and signature in that order.

  2. Step 2: Match options with correct order

    Only header.payload.signature shows header.payload.signature correctly.

  3. Final Answer:

    header.payload.signature -> Option A

  4. Quick Check:

    JWT format = header.payload.signature [OK]
Hint: JWT parts order: header, payload, signature [OK]
Common Mistakes:
  • Mixing the order of parts
  • Placing signature before payload
  • Confusing payload and header positions
3. Given this JWT payload JSON: {"sub":"device123","exp":1700000000}, what does the "exp" field represent?
medium
A. The token's signature
B. The device's unique ID
C. The encryption algorithm used
D. The token's expiration time as a Unix timestamp

Solution

  1. Step 1: Identify the meaning of 'exp' in JWT payload

    The 'exp' field stands for expiration time, given as a Unix timestamp.

  2. Step 2: Match 'exp' meaning with options

    The token's expiration time as a Unix timestamp correctly states it is the token's expiration time; others are unrelated.

  3. Final Answer:

    The token's expiration time as a Unix timestamp -> Option D

  4. Quick Check:

    exp = expiration time [OK]
Hint: "exp" means token expiration time [OK]
Common Mistakes:
  • Confusing 'exp' with device ID
  • Thinking 'exp' is encryption info
  • Mixing 'exp' with signature data
4. You receive this JWT token string: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkZXZpY2UxMjMiLCJleHAiOjE3MDAwMDAwMDB9. When verifying, you get an error about the signature. What is the most likely cause?
medium
A. The token is missing the expiration field
B. The token's signature does not match because the secret key used is incorrect
C. The header is not base64 encoded
D. The payload is missing the device ID

Solution

  1. Step 1: Understand signature verification in JWT

    Signature errors usually happen when the secret key used to verify does not match the one used to sign.

  2. Step 2: Check other options for signature error cause

    Missing payload fields or encoding issues cause different errors, not signature mismatch.

  3. Final Answer:

    The token's signature does not match because the secret key used is incorrect -> Option B

  4. Quick Check:

    Signature error = wrong secret key [OK]
Hint: Signature errors usually mean wrong secret key [OK]
Common Mistakes:
  • Assuming missing fields cause signature errors
  • Ignoring base64 encoding correctness
  • Thinking expiration absence causes signature failure
5. You want to limit IoT device access by making JWT tokens expire after 10 minutes. Which approach correctly sets this expiration in the token payload?
hard
A. Set the "exp" field to the current Unix timestamp plus 600 seconds
B. Set the "iat" field to 600
C. Set the "exp" field to the current date string
D. Omit the "exp" field to allow unlimited token life

Solution

  1. Step 1: Understand JWT expiration setting

    The 'exp' field must be a Unix timestamp indicating when the token expires, so add 600 seconds (10 minutes) to current time.

  2. Step 2: Evaluate other options

    'iat' is issued-at time, not expiration; date string is invalid format; omitting 'exp' disables expiration.

  3. Final Answer:

    Set the "exp" field to the current Unix timestamp plus 600 seconds -> Option A

  4. Quick Check:

    Use 'exp' with timestamp + 600 seconds [OK]
Hint: Use 'exp' = now + 600 seconds for 10-minute expiry [OK]
Common Mistakes:
  • Using 'iat' instead of 'exp' for expiration
  • Setting 'exp' as a date string
  • Leaving out 'exp' to limit token life