Where do I need to use JWT?

Question

The structure and protocol aside, I was wondering where JWT fits into client/server communication?

• Is it here to replace authentication and session cookies?

Answer 1

IMO JWT is mostly useful when the issuer (who generates the JWT) and the receivers (who verify the JWT) belong to different autonomous parties. Although it is possible, there is no need to replace authentication/session-cookie/token-storage/etc with JWT.