I'm building a REST service and right and have run into a problem. Right now the functionality is this: a user can post their username and password and if it's correct I return a JWT token for them.
What do I need to do in order to make a client use this token when they request something from a protected endpoint? I'm new to web in general and I don't know where to go from here.
First, you have to save the JWT somewhere. In a browser, the best options are in cookies or local storage (see where to store your jwts for an example on how).
Second, you need to pass the JWT back to the server with your next request. You will have to retrieve the JWT from wherever you stored it and include it in the request. How you do this depends on where the server expects your JWT to go and what framework you use for making requests. For example, if your JWT goes in one of the request headers, here is an example for setting request headers with a jquery ajax request.
