DevAtlas

Learn

  • Dashboard
  • Learning Paths
  • All Categories
  • Topics

Practice

  • Interview Questions
  • Flashcards
  • Quizzes
  • Study Plans

Personal

  • Bookmarks
  • Notes
  • Progress
  • PDF Library
  • Settings
  • About
  1. All Categories
  2. Authentication and Authorization
0%

Authentication and Authorization

Sessions, tokens, JWT, OAuth, and the difference between proving who you are and what you can do.

Export PDF

Topics in this category

Authentication and Authorization

Authentication vs Authorization

Authentication proves who you are; authorization decides what you may do. Learn the difference and how it maps to HTTP 401 vs 403.

Beginner9 min read
Authentication and Authorization

JWT (JSON Web Tokens)

A JWT is a compact, signed token that carries claims about a user. Learn its three parts, why it is signed but not encrypted, and how to use it safely.

Intermediate11 min read
Authentication and Authorization

Access Tokens and Refresh Tokens

A short-lived access token proves who you are on every request; a long-lived refresh token quietly mints new ones. Learn why the split exists and how to store each safely.

Intermediate11 min read