JWT Based Authentication

Learn how to enable JWT based authentication for your RPC endpoints.

JWT is a great way to secure your endpoints as it allows you to verify the authenticity of the requestor. This is done by verifying the signature of the JWT token using the public key provided by the user.

The only thing to make sure of is that the private key is kept secure. If the private key is compromised, the attacker can generate their own JWT tokens and access your endpoints.

Important Considerations:

  • The verification of authentication tokens is done using the RS256 algorithm
  • Requests lacking an authorization header will be denied if JWT authentication is enabled
  • The authorization header should be in the format Bearer <token>
  • The private key should be kept secure at all times
Token Based AuthenticationDomain Whitelisting