JSON Web Token (JWT)

A compact, URL-safe token format with three base64-encoded segments: header, payload, and signature. Defined by RFC 7519. JWTs are the dominant format for ID tokens and bearer access tokens. Verify the signature; never trust unsigned JWTs.