Developer tutorials: JSON, JWT, Base64 and more.
A symptom-driven guide to debugging timestamps — seconds/ms mix-ups, time-zone and DST errors, the 1970 and 1901 dates, and a systematic method to fix them.
AZ Utils Editorial · · 11 min read
JWTs explained — the header, payload and signature, why a JWT is signed not encrypted, code examples, common mistakes and best practices.
AZ Utils Editorial · · 12 min read
How JWT authentication works end to end — the login-to-access flow, Bearer tokens, access vs refresh tokens, and code with common pitfalls.
AZ Utils Editorial · · 12 min read
Every common JWT claim explained — the registered claims iss, sub, aud, exp, nbf, iat and jti, plus custom claims and how to validate them.
AZ Utils Editorial · · 11 min read
JWT security best practices — pin the algorithm, validate claims, short lifetimes and revocation, safe storage, and never put secrets in the payload.
AZ Utils Editorial · · 12 min read
Base64 explained for developers — what it is, the 64-character alphabet, encoding in JavaScript and Python, common mistakes and best practices.
AZ Utils Editorial · · 11 min read
A step-by-step look at how Base64 encoding works — 3 bytes to 4 characters, the 6-bit groups, padding and decoding, with worked examples.
AZ Utils Editorial · · 10 min read
The real-world use cases for Base64 — data URIs, email attachments, JWTs, HTTP Basic Auth and binary in JSON — with examples and when to avoid it.
AZ Utils Editorial · · 10 min read
Base64 is encoding, not encryption. Learn the security implications for Basic Auth, JWTs and untrusted input — and how to use Base64 safely.
AZ Utils Editorial · · 10 min read
