Scribd
Upload
70 views16 pages

Interview Questions Around JWT Token

Uploaded by

Imam Masum
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
70 views16 pages

Interview Questions Around JWT Token

Uploaded by

Imam Masum
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 16

TOP

10
ASP.NET INTERVIEW
QUESTIONS & ANSWERS

@Questpondvideos
ASP.NET Interview
Questions & Answers

01
How does Token
based Authentication
works?

Token based Auth is a two-step process: -


1. Client sends credentials to the server.

2. Server respond backs with a token.

3. Later to access the resource only this


token is needed.
ASP.NET Interview
Questions & Answers

02
Why is it called JWT
Token?

JWT stands for (JSON Web based Token).


JSON stands for JavaScript object
notation.

JSON is a data format with name and


value as shown in the image which is in
the next slide.

Because we receive the token in JSON


format so it’s termed as JWT Token.
ASP.NET Interview
Questions & Answers

JWT Token Name Value


ASP.NET Interview
Questions & Answers

03
Explain the 3 sections
of JWT Token?

1. Header: - This section has Algorithm


and type of token.

2. Payload: - This has the identity and


claims information.

3. Signature: - This section is created


using the first two sections (Header,
Payload) and Secret key.
ASP.NET Interview
Questions & Answers

Pictorial representation of
JWT Token structure
ASP.NET Interview
Questions & Answers

04
What are Identity and
claims?

Identity identifies the user or entity


uniquely.

Claims talks about what roles / rights the


user has with respect to the system.
ASP.NET Interview
Questions & Answers

05
Differentiate between
Authentication VS
Authorization?

Authentication ensures that the user


exists in the system. Authorization talks
about the roles and rights of the users.

Authentication talks about WHO the user


is and Authorization talks about WHAT the
user can do with your system.
ASP.NET Interview
Questions & Answers

06
Claims vs Roles?
ASP.NET Interview
Questions & Answers

07
Principal vs Identity

Identity represents a user + roles +


claims.

Principal encapsulates identity object and


can be assigned to a code / thread
context.
ASP.NET Interview
Questions & Answers

08
Can we put critical
information in JWT
Token?

No. It’s just BASE64 encoded and can be


decoded very easily.
ASP.NET Interview
Questions & Answers

09
How do you create
JWT Token in MVC ?

Step 1: - Import
“Microsoft.AspNetCore.Authentication.JwtBear
er” package from Nuget.

Step 2: - Use the package for generating the


token.

Sample code in the coming slide for generating


token. Now remember that this is a interview
so its difficult to explain code in detail and that
also verbally. So the best would be map the
code with the three sections of the token
structure and explain the same.
ASP.NET Interview
Questions & Answers

This will make the interviewers life easy in


understanding what you are speaking.

· First step is to select the algorithm.


Interviewer can ask you name of the
algorithm. Does not hurt to remember
HMACSHA256.

· Next step is creating the claims


collection. Remember there are standard
claims and you can add your own.

· Last step is to use the Algorithm, use


claims and generate token.
ASP.NET Interview
Questions & Answers
ASP.NET Interview
Questions & Answers

10
What is use of
Authorize Attribute?

JWT Token authentication is only applied


to controllers who have Authorize
Attribute decorated.
www.questpond.com

For more ASP.NET


Interview Questions &
Answers watch
complete 1 hour of video
shared in the comment.

Follow us on :

You might also like