JWT Authentication In Node.js

Last Updated : 23 Jul, 2025

In modern web development, ensuring secure and efficient user authentication is paramount. JSON Web Tokens (JWT) offer a robust solution for token-based authentication, enabling secure transmission of user information between parties.

This article provides a step-by-step approach to implementing JWT authentication in Node.js applications, enhancing the security of your APIs.

What is JWT?

JWT (JSON Web Token) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. These tokens are digitally signed, ensuring the integrity and authenticity of the data they carry.

How JWT Works

JWTs consist of three parts: the header, payload, and signature. The payload contains the user data, and the signature ensures that the token hasn't been altered. Implementing JWT in Node.js allows you to secure your APIs while maintaining scalability and efficiency.

1. Header

The header typically consists of two parts: the type of token (JWT) and the signing algorithm being used, such as HMAC SHA256 or RSA.

{
  "alg": "HS256",
  "typ": "JWT"
}

2. Payload

The payload contains the claims, which are statements about an entity (typically, the user) and additional data. There are three types of claims: registered, public, and private claims.

{
  "sub": "1234567890",
  "name": "Aman Gupta",
  "admin": true
}

3. Signature

To create the signature part, you have to take the encoded header, the encoded payload, a secret, and the algorithm specified in the header and sign that.

HMACSHA256(
  base64UrlEncode(header) + "." +
  base64UrlEncode(payload),
  secret)
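The signature construction above, written out with Node's built-in crypto module as an added example (not the article's own code, which relies on the jsonwebtoken package). The names signHS256 and verifyHS256, the secret and the exp value are hypothetical, constructed for illustration; the verifier pins the algorithm to HS256 and compares signatures in constant time.

```javascript
const crypto = require("crypto");

// base64url-encode a UTF-8 string or Buffer (URL-safe alphabet, no padding).
const b64url = (input) => Buffer.from(input).toString("base64url");

// HMACSHA256(base64UrlEncode(header) + "." + base64UrlEncode(payload), secret)
function hmacSha256(signingInput, secret) {
  return crypto.createHmac("sha256", secret).update(signingInput).digest();
}

function signHS256(payload, secret) {
  const header = { alg: "HS256", typ: "JWT" };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  return `${signingInput}.${b64url(hmacSha256(signingInput, secret))}`;
}

// Returns the payload object if the token is valid, otherwise null.
function verifyHS256(token, secret, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [encHeader, encPayload, encSig] = parts;
  let header, payload;
  try {
    header = JSON.parse(Buffer.from(encHeader, "base64url").toString("utf8"));
    payload = JSON.parse(Buffer.from(encPayload, "base64url").toString("utf8"));
  } catch {
    return null;
  }
  // Pin the algorithm: the token's own header must not choose how it is checked.
  if (header === null || header.alg !== "HS256") return null;
  const expected = Buffer.from(b64url(hmacSha256(`${encHeader}.${encPayload}`, secret)));
  const given = Buffer.from(encSig);
  // timingSafeEqual throws on a length mismatch, so compare lengths first.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  // Reject expired tokens when an exp claim (seconds since epoch) is present.
  if (payload && typeof payload.exp === "number" && nowSeconds >= payload.exp) return null;
  return payload;
}

// Constructed sample values for demonstration only.
const SECRET = "constructed-demo-secret";
const token = signHS256({ sub: "1234567890", name: "Aman Gupta", admin: true, exp: 2000000000 }, SECRET);
```

Changing any byte of the header or payload, or verifying with a different secret, makes verifyHS256 return null.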

Steps To Implement JWT Authentication In Node.js

Step 1: Initialize the node application using the following command.

npm init -y

Step 2: Install the required packages.

npm install express dotenv jsonwebtoken
  • express: Web framework for Node.js.
  • dotenv: Loads environment variables from a .env file.
  • jsonwebtoken: Library to sign and verify JWTs.

Step 3: Create Configuration File (.env).

PORT = 5000
JWT_SECRET_KEY = gfg_jwt_secret_key
TOKEN_HEADER_KEY = gfg_token_header_key

Project Structure


Dependencies

"dependencies": {
"dotenv": "^16.4.5",
"express": "^4.19.2",
"jsonwebtoken": "^9.0.2"
}

Example: Below is the code example of the JWT Authentication with Node JS


To start the application run the following command.

node app.js

Output

POST Request


POST Response

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0aW1lIjoiTW9uIEp
hbiAxOCAyMDIxIDE2OjM2OjU3IEdNVCswNTMwIChJbmRpYSBT
dGFuZGFyZCBU aW1lKSIsInVzZXJJZCI6MTIsImlhdCI6MTYxMDk2O
DAxN30.QmWFjXhP6YtbzDAHlcE7mDMyXIdnTv1c9xOBCakNZ94

GET Request:


GET Request Header:


GET Response:

Successfully Verified

