{"id":76205,"date":"2024-07-29T09:45:21","date_gmt":"2024-07-29T02:45:21","guid":{"rendered":"https:\/\/itviec.com\/blog\/?p=76205"},"modified":"2024-07-29T09:45:21","modified_gmt":"2024-07-29T02:45:21","slug":"json-web-token-la-gi","status":"publish","type":"post","link":"https:\/\/itviec.com\/blog\/json-web-token-la-gi\/","title":{"rendered":"What is JSON Web Token: Definition and how it works"},"content":{"rendered":"<p><b><i>JSON Web Token (also known as JWT) is a compact, URL-safe token used to transmit information securely between parties as JSON objects. JWTs are also used for authentication and information exchange. So how is JSON Web Token used, and what role does it play in web programming?<\/i><\/b><\/p>\n<p><span style=\"font-weight: 400;\">Read on to learn more about:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">An overview of JSON Web Token: its definition, how it works, and its strengths and limitations<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">The basic structure of a JSON Web Token<\/span><\/li>\n<\/ul>\n<blockquote><p><em>Read more: <a href=\"https:\/\/itviec.com\/blog\/json-la-gi\/\" target=\"_blank\" rel=\"noopener\"><strong>What is JSON? 
What are the JSON data types and how are they used?<\/strong><\/a><\/em><\/p><\/blockquote>\n<h2><span class=\"ez-toc-section\" id=\"Dinh_nghia_ve_JSON_Web_Token\"><\/span><b> Definition of JSON Web Token<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">JSON Web Token (also known as JWT) is an open industry standard used to share information securely, in self-contained form, between two entities, usually a client (such as an application's frontend) and a server (the application's backend).<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A JSON Web Token contains JSON objects carrying the information to be shared. Each JWT uses a digital signature. 
The parties sign it either with a symmetric key (using HMAC) or with a public\/private key pair.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For example, when you sign in with Google, Google issues a JWT containing the following claims, or JSON payload:<\/span><\/p>\n<pre>{\r\n    \"iss\": \"https:\/\/accounts.google.com\",\r\n    \"azp\": \"1234987819200.apps.googleusercontent.com\",\r\n    \"aud\": \"1234987819200.apps.googleusercontent.com\",\r\n    \"sub\": \"10769150350006150715113082367\",\r\n    \"at_hash\": \"HK6E_P6Dh8Y93mRNtsDB1Q\",\r\n    \"email\": \"jsmith@example.com\",\r\n    \"email_verified\": \"true\",\r\n    \"iat\": 1353601026,\r\n    \"exp\": 1353604926,\r\n    \"nonce\": \"0394852-3190485-2490358\",\r\n    \"hd\": \"example.com\"\r\n}<\/pre>\n<p><span style=\"font-weight: 400;\">From the claims above, an application that uses Google sign-in knows exactly who the end user is.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"JSON_Web_Token_hoat_dong_nhu_the_nao\"><\/span><b> JSON Web 
Token: how it works<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<h3><b>Creating the JSON payload<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The first step in the JWT workflow is to create the JSON payload that will be signed and later verified:<\/span><\/p>\n<pre>{\r\n    \"userId\": \"abcd123\",\r\n    \"expiry\": 1646635611301\r\n}<\/pre>\n<h3><b>Creating the JWT signing key and choosing the algorithm<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Next, you need a signing key and an algorithm. The signing key can be generated from any secure source of randomness. This example uses the following signing key and algorithm:<\/span><\/p>\n<p><b>Signing key:<\/b><\/p>\n<pre>NTNv7j0TuYARvmNMmWXo6fKvM4o6nv\/aUi9ryX38ZH+L1bkrnD1ObOQ8JAUmHCBq7Iy7otZcyAagBLHVKvvYaIpmMuxmARQ97jUVG16Jkpkp1wXOPsrF9zwew6TpczyHkHgX5EuLg2MeBuiT\/qJACs1J0apruOOJCg\/gOtkjB4c=<\/pre>\n<p><b>Algorithm:<\/b><\/p>\n<pre>HMAC + SHA256, also known as HS256.<\/pre>\n<h3><b>Creating the header<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The header contains information about which algorithm is used. 
Like the payload, it is also JSON, and it is placed at the start of the JWT.<\/span><\/p>\n<pre>{\r\n    \"typ\": \"JWT\",\r\n    \"alg\": \"HS256\"\r\n}<\/pre>\n<h3><b>Creating the signature<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">First, remove all whitespace from the payload JSON and base64-encode it to get the string below. You can paste this string into an online base64 decoder to retrieve the JSON, since the payload is only encoded, not encrypted:<\/span><\/p>\n<pre>eyJ1c2VySWQiOiJhYmNkMTIzIiwiZXhwaXJ5IjoxNjQ2NjM1NjExMzAxfQ<\/pre>\n<p><span style=\"font-weight: 400;\">Similarly, remove the whitespace from the header JSON and base64-encode it to get the string:<\/span><\/p>\n<pre>eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9<\/pre>\n<p><span style=\"font-weight: 400;\">Then join the two base64 strings in the form &lt;header&gt;.&lt;payload&gt;:<\/span><\/p>\n<pre>eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiJhYmNkMTIzIiwiZXhwaXJ5IjoxNjQ2NjM1NjExMzAxfQ<\/pre>\n<p><span style=\"font-weight: 400;\">The signature is then computed over this joined string with the signing key:<\/span><\/p>\n<pre>Base64URLSafe(\r\n    HMACSHA256(\"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiJhYmNkMTIzIiwiZXhwaXJ5IjoxNjQ2NjM1NjExMzAxfQ\", \"NTNv7j0TuYARvmNMmWXo6fKvM4o6nv\/aUi9ryX38ZH+L1bkrnD1ObOQ8JAUmHCBq7Iy7otZcyAagBLHVKvvYaIpmMuxmARQ97jUVG16Jkpkp1wXOPsrF9zwew6TpczyHkHgX5EuLg2MeBuiT\/qJACs1J0apruOOJCg\/gOtkjB4c=\")\r\n)<\/pre>\n<h3><b>Creating the JWT<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Finally, append the generated signature in the form <\/span><span style=\"font-weight: 400;\">&lt;header&gt;.&lt;payload&gt;.&lt;signature&gt;<\/span><span style=\"font-weight: 400;\"> to create the JWT:<\/span><\/p>\n<pre>eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiJhYmNkMTIzIiwiZXhwaXJ5IjoxNjQ2NjM1NjExMzAxfQ.3Thp81rDFrKXr3WrY1MyMnNK8kKoZBX9lg-JwFznR-M<\/pre>\n<h3><b>Verifying the JWT<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The authentication server sends the JWT back to the frontend. The frontend attaches the JWT to network requests to the client's API layer. 
The API verifies the JWT as follows:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Fetch the JWT header, <\/span><span style=\"font-weight: 400;\">eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Base64-decode the header to get the plain JSON text: <\/span><span style=\"font-weight: 400;\">{\"typ\":\"JWT\",\"alg\":\"HS256\"}<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Verify that the value of <\/span><span style=\"font-weight: 400;\">typ<\/span><span style=\"font-weight: 400;\"> is<\/span><span style=\"font-weight: 400;\"> JWT<\/span><span style=\"font-weight: 400;\"> and the value of <\/span><span style=\"font-weight: 400;\">alg<\/span><span style=\"font-weight: 400;\"> is <\/span><span style=\"font-weight: 400;\">HS256<\/span><span style=\"font-weight: 400;\">. 
If not, it rejects the JWT.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Fetch the secret key and run the same <\/span><span style=\"font-weight: 400;\">Base64URLSafe(HMACSHA256(&#8230;))<\/span> <span style=\"font-weight: 400;\">operation on the JWT's header and payload.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Check whether the generated signature matches the signature in the JWT; if it does not, the JWT is rejected.<\/span><\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"Cau_truc_co_ban_cua_JSON_Web_Token\"><\/span><b>Basic structure of a JSON Web Token<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">A well-formed JSON Web Token consists of three Base64url-encoded strings separated by dots (.), structured as follows:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Header:<\/b><span style=\"font-weight: 400;\"> Contains metadata about the token type and the cryptographic algorithm used to secure its contents.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Payload:<\/b><span style=\"font-weight: 400;\"> Contains verifiable security claims, such as the user's identity or the permissions they have been granted.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Signature: <\/b><span style=\"font-weight: 400;\">Used to verify that the token is trustworthy and has not been tampered with. When using JWTs, you should check the signature before storing or using them.<\/span><\/li>\n<\/ul>\n<h3><b>Header<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The header of a JWT mainly describes the cryptographic operations applied to the JSON Web Token, such as signing or encryption. It identifies whether the JWT is signed or encrypted and which algorithm is used.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The header can also carry data about the media type or content type of the information. This information is represented as a JSON object, which is then encoded as Base64url. 
A simple JWT header looks like this:<\/span><\/p>\n<pre>{\r\n    \"typ\": \"JWT\",\r\n    \"alg\": \"HS256\"\r\n}<\/pre>\n<p><span style=\"font-weight: 400;\">In the example above:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">typ: The key that gives the type of the token described by the header.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">alg: Indicates the cryptographic algorithm used.<\/span><\/li>\n<\/ul>\n<h3><b>Payload<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The payload is the part of the JWT that stores user data; this data is also called the JWT claims. It is represented as a JSON object, which is then encoded as Base64url. 
You can put multiple claims in a payload and, unlike in the header, none of them is mandatory.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The structure of a payload looks like this:<\/span><\/p>\n<pre>{\r\n    \"userId\": \"b07f85be-45da\",\r\n    \"iss\": \"https:\/\/provider.domain.com\/\",\r\n    \"sub\": \"auth\/some-hash-here\",\r\n    \"exp\": 153452683\r\n}<\/pre>\n<h3><b>Signature<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">This is the third part of the JWT and is used to verify the token's authenticity. The Base64url-encoded header and payload are signed with the secret key using the algorithm specified in the header. 
The signature is then appended to the header and payload to form the token:<\/span><\/p>\n<pre>header.payload.signature\r\n\r\nHASHINGALGO(base64UrlEncode(header) + \".\" + base64UrlEncode(payload), secret)<\/pre>\n<p><span style=\"font-weight: 400;\">The complete structure of a JWT looks like this:<\/span><\/p>\n<pre>{\r\n  \"header\": {\r\n    \"alg\": \"HS256\",\r\n    \"typ\": \"JWT\"\r\n  },\r\n  \"payload\": {\r\n    \"id\": 123456789,\r\n    \"name\": \"Joseph\"\r\n  },\r\n  \"secret\": \"ITviecBog\"\r\n}<\/pre>\n<p><span style=\"font-weight: 400;\">The resulting JWT:<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-76207\" src=\"https:\/\/itviec.com\/blog\/wp-content\/uploads\/2024\/07\/json-web-token-vippro.jpg\" alt=\"json web token - itviec blog\" width=\"862\" height=\"82\" 
srcset=\"https:\/\/itviec.com\/blog\/wp-content\/uploads\/2024\/07\/json-web-token-vippro.jpg 862w, https:\/\/itviec.com\/blog\/wp-content\/uploads\/2024\/07\/json-web-token-vippro-300x29.jpg 300w, https:\/\/itviec.com\/blog\/wp-content\/uploads\/2024\/07\/json-web-token-vippro-700x67.jpg 640w, https:\/\/itviec.com\/blog\/wp-content\/uploads\/2024\/07\/json-web-token-vippro-200x19.jpg 200w, https:\/\/itviec.com\/blog\/wp-content\/uploads\/2024\/07\/json-web-token-vippro-100x10.jpg 100w\" sizes=\"auto, (max-width: 862px) 100vw, 862px\" \/><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Khi_nao_nen_su_dung_JSON_Web_Token_Mot_so_diem_manh_va_diem_yeu\"><\/span><b> When should you use JSON Web Token? Strengths and weaknesses<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Some strengths and limitations of JSON Web Token:<\/span><\/p>\n<table>\n<tbody>\n<tr>\n<td><b>Strengths<\/b><\/td>\n<td><b>Weaknesses<\/b><\/td>\n<\/tr>\n<tr>\n<td>\n<ul>\n<li style=\"font-weight: 400; text-align: left;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Secured with a secret key (HMAC) or a public\/private key pair (RSA, ECDSA) to protect against attacks.<\/span><\/li>\n<li style=\"font-weight: 400; text-align: left;\" aria-level=\"1\"><span style=\"font-weight: 400;\">JWTs are created on the server and sent to the client, which then sends the JWT with every request. 
This saves database space.<\/span><\/li>\n<li style=\"font-weight: 400; text-align: left;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Verifying a JWT is fast and requires no database lookup, which is useful in large distributed systems.<\/span><\/li>\n<\/ul>\n<\/td>\n<td>\n<ul>\n<li style=\"font-weight: 400; text-align: left;\" aria-level=\"1\"><span style=\"font-weight: 400;\">They cannot be revoked on demand: because JWTs are self-contained and verified statelessly, it is hard to revoke a JWT before it expires.<\/span><\/li>\n<li style=\"font-weight: 400; text-align: left;\" aria-level=\"1\"><span style=\"font-weight: 400;\">They depend on the secret key: if that key is compromised, an attacker can create their own JWTs that the API layer will accept. This means the attacker can impersonate any user.<\/span><\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><span style=\"font-weight: 400;\">So when should you use JWT? JSON Web Tokens are useful for:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Authorization: <\/b><span style=\"font-weight: 400;\">This is a common use case for JWT. 
Once the user has logged in, each subsequent request includes the JWT, allowing the user to access the routes, services and resources permitted with that token. Single Sign On is a feature that widely uses JWT because of its low overhead and because it is easy to use across different domains.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Information exchange:<\/b><span style=\"font-weight: 400;\"> JWTs are a useful way to transmit information securely between parties because they can be signed. For example, when a public\/private key pair is used, you can be sure of who the sender is. 
In addition, because the signature is computed over the header and the payload, you can also verify that the content has not been tampered with.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">You should also note that JWTs should not be used as <\/span><a href=\"https:\/\/itviec.com\/blog\/cookies-la-gi\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">cookies<\/span><\/a><span style=\"font-weight: 400;\"> or for user session management, because doing so loses the browser's automatic management.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Likewise, do not put permissions or application-related data in the token, because this can cause it to hit the header size limit.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"JSON_Web_Token_Claims\"><\/span><b> JSON Web Token Claims<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">JSON Web Token claims are pieces of information asserted about a subject (for example, an ID token may contain a claim giving the user's name). 
In a JWT, a claim appears as a name-value pair in which the name is always a string and the value can be any JSON value.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">There are two main types of JWT claims:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Registered:<\/b><span style=\"font-weight: 400;\"> Standard claims registered with the Internet Assigned Numbers Authority (IANA) and defined by the JWT specification to ensure interoperability with third-party or external applications.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Custom:<\/b><span style=\"font-weight: 400;\"> Consist of non-registered public claims or private claims. Public claims are collision-resistant, while private claims are subject to possible collisions.<\/span><\/li>\n<\/ul>\n<h3><b>Registered Claims<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The JWT specification defines seven reserved claims that are not required but are recommended to allow interoperability with third-party applications. 
These are:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>iss (issuer):<\/b><span style=\"font-weight: 400;\"> The issuer of the JWT.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>sub (subject):<\/b><span style=\"font-weight: 400;\"> The subject of the JWT (the user).<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>aud (audience):<\/b><span style=\"font-weight: 400;\"> The recipient for which the JWT is intended.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>exp (expiration time):<\/b><span style=\"font-weight: 400;\"> The time after which the JWT expires.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>nbf (not before time): <\/b><span style=\"font-weight: 400;\">The time before which the JWT must not be accepted for processing.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>iat (issued at time):<\/b><span style=\"font-weight: 400;\"> The time at which the JWT was issued; it can be used to determine the age of the JWT.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>jti (JWT ID):<\/b><span style=\"font-weight: 400;\"> A unique identifier; it can be used to prevent the JWT from being replayed (the token may be used only once).<\/span><\/li>\n<\/ul>\n<h3><b>Custom Claims<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">You can define your own custom claims, which you control, and add them to a token by using an <\/span><span style=\"font-weight: 400;\">Action.<\/span><span style=\"font-weight: 400;\"> For example:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Add the user's email address to an access token and use that address to uniquely identify the user.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Add custom information stored in the user profile to an ID token.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">As long as the Action is in place, the custom claims it adds will appear in new tokens issued when a refresh token is used.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For example, suppose the normalized user profile is stored as follows:<\/span><\/p>\n<pre>{\r\n  \"email\": \"jane@example.com\",\r\n  \"email_verified\": true,\r\n  \"user_id\": \"custom|123\",\r\n  \"favorite_color\": \"blue\",\r\n  \"user_metadata\": {\r\n    \"preferred_contact\": \"email\"\r\n  }\r\n}<\/pre>\n<p><span style=\"font-weight: 400;\">With the configuration above, the browser returns the following ID token claims to your application:<\/span><\/p>\n<pre><span style=\"font-weight: 400;\">{<\/span>\r\n<span style=\"font-weight: 400;\">  \"email\": <\/span><span style=\"font-weight: 400;\">\"jane@example.com\"<\/span><span style=\"font-weight: 400;\">,<\/span>\r\n<span 
style=\"font-weight: 400;\">  \"email_verified\": <\/span><span style=\"font-weight: 400;\">true<\/span><span style=\"font-weight: 400;\">,<\/span>\r\n<span style=\"font-weight: 400;\">  \"iss\": <\/span><span style=\"font-weight: 400;\">\"https:\/\/my-domain.auth0.com\/\"<\/span><span style=\"font-weight: 400;\">,<\/span>\r\n<span style=\"font-weight: 400;\">  \"sub\": <\/span><span style=\"font-weight: 400;\">\"custom|123\"<\/span><span style=\"font-weight: 400;\">,<\/span>\r\n<span style=\"font-weight: 400;\">  \"aud\": <\/span><span style=\"font-weight: 400;\">\"my_client_id\"<\/span><span style=\"font-weight: 400;\">,<\/span>\r\n<span style=\"font-weight: 400;\">  \"iat\": <\/span><span style=\"font-weight: 400;\">1311280970<\/span><span style=\"font-weight: 400;\">,<\/span>\r\n<span style=\"font-weight: 400;\">  \"exp\": <\/span><span style=\"font-weight: 400;\">1311281970<\/span>\r\n<span style=\"font-weight: 400;\">}<\/span><\/pre>\n<p><span style=\"font-weight: 400;\">From the example above, we can see that:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">The sub claim contains the value of the <\/span><span style=\"font-weight: 400;\">user_id<\/span><span style=\"font-weight: 400;\"> property.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Neither the <\/span><span style=\"font-weight: 400;\">favorite_color<\/span><span style=\"font-weight: 400;\"> nor the <\/span><span style=\"font-weight: 400;\">user_metadata<\/span><span style=\"font-weight: 400;\"> property appears, because OpenID Connect (OIDC) does not define standard claims that represent <\/span><span style=\"font-weight: 400;\">favorite_color<\/span><span style=\"font-weight: 400;\"> or <\/span><span style=\"font-weight: 400;\">user_metadata<\/span><span style=\"font-weight: 400;\">.<\/span><\/li>\n<\/ul>\n<h3><b>Public Claims<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">You can create custom claims for public use that carry general information such as name and email.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If you create public claims, you must either register them or use collision-resistant names through namespacing, and take reasonable precautions to make sure you control the names you use.<\/span><\/p>\n<h3><b>Private Claims<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">You can create private claims to share information specific to your application. For example, while public claims may contain general information such as full name and email, private claims are more specific, such as an employee ID or a department name.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Cau_hoi_thuong_gap_ve_JSON_Web_Token\"><\/span><b> Frequently Asked Questions about JSON Web Token<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<h3><b>Can JSON Web Token work with HTTP?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">JWT is a good choice for HTML and HTTP environments. 
JSON is more compact and less verbose than XML, and the token is usually carried in the Authorization header of an HTTP request. The server can verify the JWT's signature and extract the authentication information from the JWT payload.<\/span><\/p>\n<h3><b>What are the risks of using JSON Web Token?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Some risks you may run into when using JSON Web Token include:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Signature vulnerability: if the secret key used to sign JWTs is leaked, an attacker can use it to create forged JWTs.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Authentication vulnerability: if the JWT configuration is incorrect, an attacker can gain access and impersonate users.<\/span><\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"Tong_ket_ve_JSON_Web_Token\"><\/span><b>JSON Web Token Summary<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">We hope this article has given you a better overview of the structure of <\/span><b>JSON Web Token<\/b><span style=\"font-weight: 400;\"> and how it works. If you are aiming to become a web developer or are building a web application, <\/span><b>JSON Web Token<\/b><span style=\"font-weight: 400;\"> is one of the useful techniques that can help you optimize and simplify data handling.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>JSON Web Token (also known as JWT) is a compact, URL-safe token used to transmit information securely between JSON objects. In addition, it is also used for authentication and exchange. 
So JSON Web Token is used [&hellip;]<\/p>\n","protected":false},"author":207,"featured_media":76208,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_gspb_post_css":"","footnotes":""},"categories":[109],"tags":[],"class_list":["post-76205","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-chuyen-mon-it"],"blocksy_meta":[],"acf":[],"yoast_head_json":{"canonical":"https:\/\/itviec.com\/blog\/json-web-token-la-gi\/","og_site_name":"ITviec Blog","article_published_time":"2024-07-29T02:45:21+00:00","author":"Uyen Ngo"}}