# Examine API Token

Ardexa uses JSON Web Tokens (JWT) for all authentication to the API platform.  For those of you interested in a deeper look into JWT, here is a quick break down and some Linux commands to examine the details.

Tokens are broken into three base64 encoded pieces, separated by dots:

* Settings
* Claim
* Signature

`Settings` and `Claim` are JSON objects, and `Claim` is the most interesting piece of the puzzle. For a closer look at the actual claim, we recommend using `jq` (<https://stedolan.github.io/jq/>). Below is a command pipeline to separate, decode and parse the TOKEN into a human readable format.

```
echo $TOKEN | cut -d. -f2 | base64 -d | jq '.iat |= todate | .exp |= todate'
```