Authentication is one of the big parts of every application. Security is always something that is changing and evolving. In this talk, I will cover what JSON Web Tokens (JWTs) are and why using JWTs in our NodeJS applications when it comes to security is awesome. Setting up an authentication layer is, without a doubt, one of the most challenging yet necessary tasks within any web application. Not only does the application in question always needs to ensure the most basic functionality is set up by default (such as login, log out, reset password), but additionally, it’s required to develop all the libraries to handle the validation of the credentials, the connections to the database responsible for the user data, session management, and general security. In this talk, We will look at how we can use JSON Web Tokens to add both Authentication and Authorization to our NodeJS APIs.