Initial State: User not authenticated
1. User Login Request
Client → Server: POST /login {username, password}
2. Server Validation
Server validates credentials
3. JWT Generation
Server creates JWT with user claims
Server → Client: {token: "jwt_string"}
4. Protected Request
Client → Server: GET /protected (Authorization: Bearer jwt_string)
5. JWT Verification
Server verifies JWT signature and expiration
Server → Client: Protected resource data
Current State: Ready for authentication
Generated JWT Token
No token generated yet. Click "Authenticate & Get JWT" to generate a token.