As described in the following slide, it is necessary that the client sends the jwt
back to the server by an Authorization Header
at the next request.
But how can I define the Authorization Header
and add the JWT to the server?
My current status is:
- User sends
username
andpassword
to the server by aPOST
request. - The server creates the the
JWT
. - The server sends the signed
JWT
back to the client and saves it in a cookie.
Now my questions:
In case of a Login:
As I understand it, now its necessary to send the JWT back to the server. The server verifies the token and sends it back to finish the login process.
How can I add the
JWT
to theAuthorization Header
?In case of running a process and receiving data from a calculation:
Do I understand right, that the client has to send the
JWT
from the login to the server and a secondJWT
with the data; or can I send the data byPOST
request?