JWT Before JWT: Token-Based API Authentication in the Web’s First Years (1990–1994) — Chapter 47
JWT didn’t exist in 1990–1994, but the Web’s first HTTP interfaces already wrestled with the same API authentication problems: stateless requests, shared gateways, and portable identity. This chapter traces the roots of token-based auth from early HTTP, Basic auth, CGI sessions, and the arrival of cookies.