Merge pull request #931 from jsonwebtoken/feature/seo-enhancements-llms-txt

Add FAQPage schema, Organization schema, and llms.txt

Author: jcmartinezdev

public/llms.txt

@@ -0,0 +1,42 @@
+# jwt.io
+
+> JWT.IO allows you to decode, verify, and generate JSON Web Tokens.
+
+## About
+
+jwt.io is the go-to resource for JSON Web Tokens (JWTs). It provides:
+- An interactive JWT debugger to decode and verify tokens
+- A comprehensive library directory for JWT implementations
+- Educational content explaining JWT concepts
+
+Maintained by Auth0.
+
+## Quick Links
+
+- Debugger: https://jwt.io
+- Libraries: https://jwt.io/libraries
+- Introduction: https://jwt.io/introduction
+
+## JWT Overview
+
+A JSON Web Token consists of three Base64Url-encoded parts:
+1. Header - algorithm and token type
+2. Payload - claims (registered, public, private)
+3. Signature - ensures token integrity
+
+Format: xxxxx.yyyyy.zzzzz
+
+## For AI Agents
+
+Claude Code users can install JWT skills for token operations:
+- `/jwt-decode` - Decode and inspect JWTs
+- `/jwt-encode` - Create and sign JWTs
+- `/jwt-validate` - Verify JWT signatures and claims
+
+Install: `npx skills add jsonwebtoken/jwt-skills`
+Repository: https://github.com/jsonwebtoken/jwt-skills
+
+## Resources
+
+- RFC 7519: https://datatracker.ietf.org/doc/html/rfc7519
+- Source: https://github.com/jsonwebtoken/jsonwebtoken.github.io

src/features/introduction/components/introduction-page/introduction-page.component.tsx

@@ -1,10 +1,14 @@
 import React from "react";
 import { StructuredData } from "@/features/seo/components/structured-data.component";
-import { generateArticleStructuredData } from "@/features/seo/services/structured-data.service";
+import {
+  generateArticleStructuredData,
+  generateFaqStructuredData,
+} from "@/features/seo/services/structured-data.service";
 import { Auth0CtaComponent } from "@/features/common/components/auth0-cta/auth0-cta.component";
 import { getIntroductionDictionary } from "@/features/localization/services/language-dictionary.service";
 import { IntroductionArticleComponent } from "@/features/introduction/components/introduction-article/introduction-article.component";
 import { getAuth0Dictionary } from "@/features/localization/services/ui-language-dictionary.service";
+import { AUTH0_ORGANIZATION } from "@/features/seo/constants/organizations.constants";
 
 interface IntroductionPageComponentProps {
   languageCode: string;
@@ -115,6 +119,8 @@ export const IntroductionPageComponent: React.FC<
             datePublished: introductionDictionary.metadata.datePublished,
             dateModified: introductionDictionary.metadata.dateModified,
           }),
+          AUTH0_ORGANIZATION,
+          generateFaqStructuredData(introductionDictionary.faq),
         ]}
       />
       <IntroductionArticleComponent

src/features/localization/dictionaries/introduction/en.ts

@@ -76,4 +76,43 @@ export const enIntroductionDictionary: IntroductionDictionaryModel = {
       },
     ],
   },
+  faq: {
+    items: [
+      {
+        question: "What is JSON Web Token?",
+        answer:
+          "JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.",
+      },
+      {
+        question: "When should you use JSON Web Tokens?",
+        answer:
+          "JWTs are useful for Authorization (allowing users to access routes, services, and resources after login using Single Sign-On) and Information Exchange (securely transmitting information between parties with verified signatures that ensure the content hasn't been tampered with).",
+      },
+      {
+        question: "What is the JSON Web Token structure?",
+        answer:
+          "A JWT consists of three parts separated by dots: Header (contains the token type and signing algorithm), Payload (contains the claims - statements about the user and additional data), and Signature (ensures the token hasn't been altered). Each part is Base64Url encoded, resulting in the format: xxxxx.yyyyy.zzzzz",
+      },
+      {
+        question: "How do JSON Web Tokens work?",
+        answer:
+          "When a user logs in, they receive a JWT. For subsequent requests, the token is sent in the Authorization header using the Bearer schema. The server verifies the token's signature and grants access to protected resources. This stateless mechanism allows the token to be used across different domains.",
+      },
+      {
+        question: "Why should we use JSON Web Tokens?",
+        answer:
+          "JWTs are more compact than SAML tokens (XML-based), making them ideal for HTML and HTTP environments. JSON is simpler to parse than XML and maps directly to objects in most programming languages. JWTs support asymmetric signing and work seamlessly across different platforms and devices.",
+      },
+      {
+        question: "What is the difference between validating and verifying a JWT?",
+        answer:
+          "Validation checks the token's structure, format, and claims (like expiration time and required fields). Verification confirms the cryptographic signature to ensure the token was issued by a trusted party and hasn't been tampered with. Both steps are essential for secure JWT processing.",
+      },
+      {
+        question: "What is the difference between decoding and encoding a JWT?",
+        answer:
+          "Encoding is the process of creating a JWT: converting the header and payload to JSON, Base64Url encoding them, and generating the signature. Decoding reverses this process: splitting the token, Base64Url decoding each part, and parsing the JSON. Decoding alone doesn't verify the signature.",
+      },
+    ],
+  },
 };

src/features/localization/dictionaries/introduction/ja.ts

@@ -77,4 +77,44 @@ export const jaIntroductionDictionary: IntroductionDictionaryModel = {
       },
     ],
   },
+  faq: {
+    items: [
+      {
+        question: "JSON Web Tokenとは？",
+        answer:
+          "JSON Web Token（JWT）は、当事者間で情報をJSONオブジェクトとして安全に伝送するためのコンパクトで自己完結型の方法を定義するオープンスタンダード（RFC 7519）です。この情報は、秘密鍵（HMACアルゴリズム）またはRSAやECDSAを使用した公開鍵/秘密鍵のペアでデジタル署名されているため、検証および信頼できます。",
+      },
+      {
+        question: "JSON Web Tokenはいつ使用すべきか？",
+        answer:
+          "JWTは、認可（シングルサインオンを使用してログイン後にルート、サービス、リソースへのアクセスを許可する）および情報交換（改ざんされていないことを確認できる検証済み署名で当事者間で安全に情報を伝送する）に役立ちます。",
+      },
+      {
+        question: "JSON Web Tokenの構成は？",
+        answer:
+          "JWTはドットで区切られた3つの部分で構成されます：ヘッダー（トークンタイプと署名アルゴリズムを含む）、ペイロード（クレーム - ユーザーに関する記述と追加データを含む）、署名（トークンが改ざんされていないことを保証）。各部分はBase64Urlエンコードされ、xxxxx.yyyyy.zzzzzの形式になります。",
+      },
+      {
+        question: "JSON Web Tokenの仕組みとは？",
+        answer:
+          "ユーザーがログインすると、JWTを受け取ります。その後のリクエストでは、Bearerスキーマを使用してAuthorizationヘッダーでトークンが送信されます。サーバーはトークンの署名を検証し、保護されたリソースへのアクセスを許可します。このステートレスな仕組みにより、トークンは異なるドメイン間で使用できます。",
+      },
+      {
+        question: "JSON Web Tokenを使用すべき理由とは？",
+        answer:
+          "JWTはSAMLトークン（XMLベース）よりもコンパクトで、HTMLおよびHTTP環境に最適です。JSONはXMLよりも解析が簡単で、ほとんどのプログラミング言語でオブジェクトに直接マッピングされます。JWTは非対称署名をサポートし、さまざまなプラットフォームやデバイス間でシームレスに動作します。",
+      },
+      {
+        question:
+          "JWTのバリデーション（妥当性確認）とベリフィケーション（検証）の違いとは？",
+        answer:
+          "バリデーションは、トークンの構造、形式、クレーム（有効期限や必須フィールドなど）をチェックします。ベリフィケーションは、トークンが信頼できる発行者によって発行され、改ざんされていないことを確認するために暗号署名を確認します。両方のステップは、安全なJWT処理に不可欠です。",
+      },
+      {
+        question: "JWTのデコーディングとエンコーディングの違いとは？",
+        answer:
+          "エンコーディングはJWTを作成するプロセスです：ヘッダーとペイロードをJSONに変換し、Base64Urlエンコードして署名を生成します。デコーディングはこのプロセスを逆にします：トークンを分割し、各部分をBase64Urlデコードして、JSONを解析します。デコーディングだけでは署名は検証されません。",
+      },
+    ],
+  },
 };

src/features/localization/models/introduction-dictionary.model.ts

@@ -1,13 +1,15 @@
 import { PageMetadataModel } from "@/features/common/models/page-metadata.model";
 import { HeroMetadataModel } from "@/features/common/models/hero-metadata.model";
+import { FaqMetadataModel } from "@/features/seo/models/faq-metadata.model";
 
 export interface IntroductionDictionaryModel {
   metadata: PageMetadataModel;
   hero: HeroMetadataModel;
   content: {
     headings: {
-      title: string,
-      id: string
-    }[]
-  }
+      title: string;
+      id: string;
+    }[];
+  };
+  faq: FaqMetadataModel;
 }

src/features/seo/components/structured-data.component.tsx

@@ -3,17 +3,23 @@ import { ArticleStructuredDataModel } from "@/features/seo/models/article-struct
 import { BreadcrumbStructuredDataModel } from "@/features/seo/models/breadcrumb-structured-data.model";
 import { HowToStructuredDataModel } from "@/features/seo/models/how-to-structured-data.model";
 import { WebsiteStructuredDataModel } from "@/features/seo/models/website-structured-data.model";
+import { OrganizationStructuredDataModel } from "@/features/seo/models/organization-structured-data.model";
+import { FaqStructuredDataModel } from "@/features/seo/models/faq-structured-data.model";
 
 interface StructuredDataProps {
   data:
     | ArticleStructuredDataModel
     | BreadcrumbStructuredDataModel
     | HowToStructuredDataModel
+    | OrganizationStructuredDataModel
+    | FaqStructuredDataModel
     | Array<
         | ArticleStructuredDataModel
         | BreadcrumbStructuredDataModel
         | HowToStructuredDataModel
         | WebsiteStructuredDataModel
+        | OrganizationStructuredDataModel
+        | FaqStructuredDataModel
       >;
 }
 

src/features/seo/constants/organizations.constants.ts

@@ -0,0 +1,16 @@
+import { OrganizationStructuredDataModel } from "@/features/seo/models/organization-structured-data.model";
+
+export const AUTH0_ORGANIZATION: OrganizationStructuredDataModel = {
+  "@context": "https://schema.org",
+  "@type": "Organization",
+  name: "Auth0",
+  legalName: "Auth0 Inc.",
+  url: "https://auth0.com/",
+  logo: "https://cdn.auth0.com/website/assets/pages/press/img/resources/auth0-logo-main-6001cece68.svg",
+  foundingDate: "2013",
+  sameAs: [
+    "https://twitter.com/auth0",
+    "https://www.facebook.com/getauth0/",
+    "https://www.linkedin.com/company/auth0",
+  ],
+};

src/features/seo/models/faq-metadata.model.ts

@@ -0,0 +1,8 @@
+export interface FaqItemMetadataModel {
+  question: string;
+  answer: string;
+}
+
+export interface FaqMetadataModel {
+  items: FaqItemMetadataModel[];
+}

src/features/seo/models/faq-structured-data.model.ts

@@ -0,0 +1,3 @@
+import { FAQPage, WithContext } from "schema-dts";
+
+export type FaqStructuredDataModel = WithContext<FAQPage>;

src/features/seo/models/organization-structured-data.model.ts

@@ -0,0 +1,3 @@
+import { Organization, WithContext } from "schema-dts";
+
+export type OrganizationStructuredDataModel = WithContext<Organization>;