Authorization in api app
when want make api app,in some app there is a Authorization: in header
Authorization: bearer eyJ0.....
i want to know anybody know where can find and capture this token?because when open the app there isn't any request that have this token inside respons source and this token codes will change every 10 time of checking credential
That token is a JWT token and it's sent to you after a successful login request.
evangel last edited by evangel
@Ruri sry i didnt understand
it is there is Header,each time i try to login with wrong email and password,it is diffrent in header
i studied a little about this token,but i really dont know how i can bypass this token issue in ob
its look like this in header
POST /as/token.oauth2 HTTP/1.1 Authorization: JWTBearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhbmRyb2lkRmxhZ3NoaXBNb2JpbGVBcHBsaWNhdGlvbjYiLCJpYXQiOjE1NzQ5ODEzOTMsImV4cCI6MTU3NTAyNDU5MywibmJmIjoxNTc0OTM4MTkzfQ.9Yu_6RXza5Mu4CUKpvbYjIvDg7G9Tf3XAsrIOT3CY6qF0QgGhwdrQUKgUnsRmfNPHa6Up0pxL8zCBBtbpf7tyA Content-Type: application/x-www-form-urlencoded Content-Length: 276 Host: .... Connection: Keep-Alive Accept-Encoding: gzip User-Agent: okhttp/4.2.0
The token is given to you AFTER you login, not before. You don't have to send it in your login request, if it sends a token there, it's a badly configured application.
@Ruri but acctually in all apps i saw its need to send, and if it dont be in custom header then config will not work and request give a respons with Auth token Need or auth Token is lost
tokenparameter initialized, so you can parse that one
CeejTheGod last edited by
@evangel pm me on discord CeejTheGod#2093
@Ruri i know but that is was question
there isnt any request that have token inside to can capture in api