prev <<
OAuth, RESTy APIs, Microservices, ...
>> next
Claims
JWTs are cool Tokens because the can be signed & even encrypted
If you are a API and receive a JWT, you can just verify the signature, look at the claims, and do whatever you (or the caller) wants to do.
For true stateless backends!