· Iren Saltali · security
JWT Issuer, Audience, and Why Tokens Still Fail
A plain-language explanation of the JWT fields that most often break route protection even when the token looks valid.
Tag: jwt
Tags stay secondary to the core docs and tutorials, but they still help readers follow adjacent implementation topics.
- · Iren Saltali · education
How to Debug 401s in Worker-Based APIs
A practical checklist for figuring out whether the failure is in the token, the gateway config, or the identity provider.
- · Iren Saltali · education
How to Move Auth Out of Downstream Services
A migration pattern for teams that want backends to trust gateway-verified identity instead of re-implementing token logic everywhere.
- · Iren Saltali · tutorials
Use JWT Claims to Personalize Upstream Requests
How to inject verified user context into headers and query parameters without teaching every backend service how to read a JWT.
- · Iren Saltali · security
Protect One Route, Not Your Whole API
How to apply JWT checks only where they add value, while keeping health and public routes simple.