I guess the idea is that it's "stateless" in the sense that you don't have to ma... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		kelnos on Dec 14, 2019 \| parent \| context \| favorite \| on: Ask HN: What's the current sentiment on JWT for st... I guess the idea is that it's "stateless" in the sense that you don't have to maintain the state yourself, and the CDN will do it for you? I mean... okay, I guess the point of being stateless is that you don't want to deal with the scaling and reliability issues around storing state, so pushing that responsibility onto a third party (whose uptime is required to get to your site anyway) is "stateless" from your perspective. I certainly wouldn't call that "stateless", but it does fulfill the main reason why you might want to be stateless, that you don't have to maintain any state yourself.

jakelazaroff on Dec 14, 2019 | [–]

Exactly — it's basically the same as writing your own separate authentication service, or using Auth0/Cognito/Firebase.

notyourday on Dec 14, 2019 | [–]

The reason why it is stateless is because there's no state associated with a token that I have to maintain.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact