Detects hardcoded JWT tokens within the codebase.

Metadata

ID: javascript-node-security/detected-jwt-token

Language: JavaScript

Severity: Error

Category: Security

CWE: 798

Description

JSON Web Tokens (JWT) are commonly used for authentication and information exchange in web applications. While they are a powerful tool, they must be handled with care.

Non-Compliant Code Examples

"eyJ12345678901234-1234_1234.1234567890123-1234_1234.12345678-1234_1234"
"eyJ12345678901234-1234_1234.1234567890123-1234_1234"
'eyJ12345678901234-1234_1234.1234567890123-1234_1234.12345678-1234_1234'
'eyJ12345678901234-1234_1234.1234567890123-1234_1234'
`eyJ12345678901234-1234_1234.1234567890123-1234_1234.12345678-1234_1234`
`eyJ12345678901234-1234_1234.1234567890123-1234_1234`

Compliant Code Examples

"eyfoo"
`eybaz`
'eybla'
"eyJ12345678901234-1234_1234567890123"
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

Seamless integrations. Try Datadog Code Security

Datadog Code Security
PREVIEWING: guillaume.barrier/ERRORT-5095-general-doc-update