Is JWT necessary over HTTPS communication?

Question

I\'m developping a MEAN stack application, and I\'m currently setting up an account system. I\'ve seen several tutorials about Authentication, all using JWT. I

Answer 1

No, JWT is not required when your server supports HTTPS. HTTPS protocol ensures that the request & response are encrypted on the both(client & server) the ends.

I believe you would want to send across user credentials in every request to the server, and in turn server validates the user before sending any response from the server.

Although you can do the above, but on the server-end, you would end up validating user credentials against a Database in every request which is a expensive task, you can avoid this when you use JWT.

JWT basically authenticates a user once & issues an access token which could be valid for a duration of time.