JWT Authentication best practice


Hi all,

I am really new to mobile development, after going through a lot of tutorials and videos, I am planning to create an app. The problem is that I already have working website (PHP) with databse (MySQL). I was wondering how to implement app authentication without using existing Telerik backend service, or facebook, Google provides.

I was thinking to implement JWT tokens. When user tries to login in, username and password are send to backend and credentials are matches with database records, if they match token is created and sent back to app where it is saved on local storage.After that, all request with have a token in the headers which can be check at the backed.

I want to follow best practice and was wondering if I am on the right path??? Any help will be highly appreciated.



i am using https://github.com/thephpleague/oauth2-server with https://github.com/slimphp/Slim


Thanks for reply. Could you explain your approach in more detail?


this example may be what you would like!


I am using https://auth0.com/
pretty awesome stuff there and easy to implement.


You might take a look at this:

Authenticate With JWT In A NativeScript Angular Mobile Application

It isn’t oauth, but it is JWT.




Hello, your tutorials are good, you could not provide that tutorial of jwt with nativescript for free. Greetings.


Can’t make everything free. Otherwise I wouldn’t be able to afford to keep the blog running. Hosting quality content isn’t cheap.


As an update, my premium tutorials are now free, including the one I had listed here on JWT:



You’re awesome Nick!


Take a look at AWS Cognito

It’s free for the first 50,000 users (enough for a small startup).

I’ve created an angular-based web app to demonstrate the overall functionality: https://github.com/awslabs/aws-cognito-angular2-quickstart/

For your NativeScript app you can use the AWS Mobile SDK directly: https://aws.amazon.com/mobile/sdk/


Here’s the link to Cognito: https://aws.amazon.com/cognito/