What is a JWT?
A JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is digitally signed using a private key.
How It Secures Sessions
Since the token is cryptographically signed, the client can store it in cookies or memory. The server simply verifies the signature on incoming API calls, eliminating the need to query session tables in the database.