In this article, we will take a quick tour of the JWT and its capabilities. We will go over its structure and build a JWT from scratch. We will then explore its most common uses and talk about stateful (server-side) and stateless (client-side) sessions. Finally, we will end with a review of the cryptographic security features that make the JWT a staple in authorization workflows.