So you’ve finally implemented your own authorization server. And it uses JWT because everyone else does. But is it secure? JWTs are the new great thing that everyone is talking about but you need to use them correctly. During this talk, we will see how we can use various attacks to hack into OAuth systems that use JWTs as a token mechanism. By seeing the attackers’ point of view, the attendees will learn how to better defend themselves and make more secure servers.