Passing sensitive data through the token payload

Is there a way to pass a payload that cant be seen by other people?. I wanted to pass some sensitive data through the token and I am wondering if I can make them in accessible with out the secret key.

It’s never safe to send anything in the json token itself, only M2M is secure.

Web is totally unsecure part of any application.

1 Like

Hey there @dagimS welcome to the community!

Here to echo what @lonli.lokli has already said - Put simply, JWTs aren’t designed to store private data, but rather to prove that the data they hold is valid.

Hope this helps to clarify for you!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.