Glossary · Concept · Updated May 2026

JWT

noun · also: api-key, oauth, secret

What is a JWT?

A JWT (JSON Web Token) is a compact, signed token used to prove who you are or what you're allowed to do — common in modern API auth.

Definition

Full definition of JWT

JWTs encode a JSON payload (the "claims" — user_id, scopes, expiry) and sign it cryptographically so the receiver can verify authenticity without calling a database. They look like three base64 strings separated by dots. Many APIs (Auth0, Firebase, Supabase, Clerk) issue JWTs after login; Tiny Command uses them internally to authenticate API requests. You'll occasionally see JWTs in integration setup screens.

In practice

JWT examples

JWT structure
eyJhbGciOi... (header) . eyJzdWIiOi... (payload) . SflKxwRJ... (signature)

FAQ

Common questions about JWT

Are JWTs encrypted?
No — they're signed, not encrypted. Anyone can read the payload (base64 decode it). Don't put secrets inside.
What does the 'exp' claim do?
It's a Unix timestamp for token expiration. Receivers should reject expired JWTs.
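
The two FAQ answers above, shown as an added Python example (not code from Tiny Command or any provider named on this page): the payload is read with no key at all, while accepting the token requires a valid signature and an unexpired exp. The HS256 algorithm, the demo key, the claim values and the function names are assumptions made for the example, as is the choice to reject tokens that carry no exp.

```python
import base64, hashlib, hmac, json, time

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(part: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def make_token(claims: dict, key: bytes) -> str:
    # Stand-in issuer for the demo (HS256 = HMAC-SHA256 over "header.payload").
    header = {"alg": "HS256", "typ": "JWT"}
    body = ".".join(b64url_encode(json.dumps(p, separators=(",", ":")).encode())
                    for p in (header, claims))
    sig = hmac.new(key, body.encode(), hashlib.sha256).digest()
    return body + "." + b64url_encode(sig)

def read_payload_unverified(token: str) -> dict:
    # No key involved: anyone holding the token can do this.
    return json.loads(b64url_decode(token.split(".")[1]))

def verify(token: str, key: bytes, now=None) -> dict:
    # Returns the claims, or raises ValueError if the token must be rejected.
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        sig = b64url_decode(sig_b64)
    except ValueError:
        raise ValueError("malformed token") from None
    # The receiver fixes the algorithm; the token's header does not get to choose.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(payload_b64))  # parsed only after the signature checks out
    exp = claims.get("exp")
    now = time.time() if now is None else now
    # Assumption of this example: a token without a numeric exp is rejected too.
    if not isinstance(exp, (int, float)) or now >= exp:
        raise ValueError("expired or missing exp")
    return claims

if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample values
    token = make_token({"sub": "user_123", "scope": "read", "exp": int(time.time()) + 300}, key)
    print(token)
    print(read_payload_unverified(token))
    print(verify(token, key))
```

Editing the payload segment of a printed token and passing it back to verify() fails with "bad signature", which is the property the signature provides even though the payload is readable.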