0xPass's JWT Token Scheme
This provides verifiable proof of wallet ownership and should be used to secure communication between your frontend and backend.
Access tokens are JSON Web Tokens (JWT) which contain the following claims with user information such as:
sidrepresents the user's current session ID.
subcorresponds to the user's 0xPass ID.
issindicates the token issuer, which should always be 0xpass.io.
audis your project API Key.
iatis the timestamp for when the JWT was issued.
expis the timestamp when the JWT will expire and become invalid, typically 1 hour after issuance.
You should use the 0xPass JWT to secure the communication between your frontend and backend. For each of these components, you should do the following: