Owasp Api2 2023 Jwt Best Practices Error

OWASP API2 2023 JWT Best Practices (Edit)

JSON Web Token implementations must explicitly declare support for RFC8725 to address common pitfalls like ignoring algorithms or using insecure algorithms in JWT validation.

OWASPSecurityJWTAuthenticationOpenAPI

Rule Definition

{"owasp-api2-2023-jwt-best-practices-error":{"description":"JSON Web Token implementations must explicitly declare support for RFC8725 to address common pitfalls like ignoring algorithms or using insecure algorithms in JWT validation.","message":"Security schemes using JWTs must explicitly declare support for RFC8725 in the description.","given":"$.components.securitySchemes[?(@.bearerFormat==\"jwt\" || @.bearerFormat==\"JWT\")]","severity":"error","then":[{"field":"description","function":"truthy"},{"field":"description","function":"pattern","functionOptions":{"match":"RFC8725"}}]}}

Back to All of the Rules

OWASP API2 2023 JWT Best Practices (Edit)

This Page

Open & Ask

Rule Definition