I revisited the widely used authentication method JWT (JSON Web Token) from its background to structure and operating principles, reconsidering why and how it should be used.