# FACEDAB Tokens
We need multiple tokens with different content and usage.
Normally, we need a token to authenticate the user and populate the information about `userId`, `organizationId` and `chargebeeId`.
## Tokens - How and why?
We use [JWT](https://jwt.io/).
A JWT contains multiple things:
+ Header
  + Contains information about signing algorithms
+ Payload
  + Contains information about the user and some basic information about the token.
+ Signature
  + Verifies that the payload is from a trusted source and was not edited by the user.

With this construct, we can receive user-specific information from the user and, once the signature is verified, we do not need to validate this information any further. So, if we scale the services, we do not need sessions. The token contains all the information a session would contain in an older environment.
## Token Types
### `organizationToken`
The `organizationToken` contains only an `organizationId`. With this `organizationId` we can get the `chargebeeId`. We do not populate the `userId`, so we are not able to perform user-specific actions with this token.
This token can only be created for a temporary organization: an organization that does not contain a user but does contain a token that can be used to assign the organization to a user. After the user is assigned to the organization, the organization is no longer considered temporary.
### `auth0Token`
The `auth0Token` contains only an `auth0Ident`, which is associated with a `userId`, `organizationId` and `chargebeeId` and can be resolved by the `auth-service`.
It also contains some user-specific information like name and picture, but this is not important for authentication and authorization.
This token can be used for any action in FACEDAB.
### `fakeToken`
The `fakeToken` is basically an `auth0Token` which is not signed by Auth0.
If the user creates an account through our website, we create the account at Auth0 and get all information about the user.
We can create a token that looks like an `auth0Token` but sign it with our own private key. We trust Auth0 and ourselves, so those tokens can be used the same way.
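
The two trust roots described above (Auth0 and our own key) can be checked by one verifier that binds each issuer to its own public key. This is an added example, not FACEDAB code. It assumes RS256, the standard `iss` and `exp` claims, hypothetical issuer names, and locally generated keys standing in for Auth0's key and ours; it uses only Node.js's built-in `crypto` module.

```javascript
// Added example: keys, issuer names and claim values are constructed.
const nodeCrypto = require('node:crypto');

const b64u = (v) => Buffer.from(v).toString('base64url');
const newKey = () => nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Stand-ins for the two trust roots (issuer names are assumptions).
const auth0Key = newKey(); // plays the key Auth0 signs auth0Token with
const ownKey = newKey();   // plays our own private key (fakeToken)
const TRUSTED = {
  'https://tenant.example/': auth0Key.publicKey,
  'facedab-auth-service': ownKey.publicKey,
};

// Issue a token; the header is overridable so rejection paths can be tested.
function sign(payload, privateKey, header = { alg: 'RS256', typ: 'JWT' }) {
  const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(payload))}`;
  const sig = nodeCrypto.sign('sha256', Buffer.from(input), privateKey);
  return `${input}.${sig.toString('base64url')}`;
}

// Return the payload only after the signature matches the issuer's pinned key.
function verify(token) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, 'base64url'));
  // Pin the algorithm on the server side; the token does not get to choose.
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const payload = JSON.parse(Buffer.from(p, 'base64url'));
  // iss is still untrusted here: it only selects which pinned key must match.
  const key = Object.hasOwn(TRUSTED, payload.iss) ? TRUSTED[payload.iss] : null;
  if (!key) throw new Error('untrusted issuer');
  const ok = nodeCrypto.verify('sha256', Buffer.from(`${h}.${p}`), key,
    Buffer.from(s, 'base64url'));
  if (!ok) throw new Error('bad signature');
  // Stateless tokens cannot be revoked like sessions, so require an expiry.
  if (typeof payload.exp !== 'number' || payload.exp * 1000 <= Date.now())
    throw new Error('expired');
  return payload;
}

// Same identity, two issuers: both tokens verify and yield the same auth0Ident.
const exp = Math.floor(Date.now() / 1000) + 300;
const ident = 'auth0|constructed-1';
const auth0Token = sign({ iss: 'https://tenant.example/', auth0Ident: ident, exp }, auth0Key.privateKey);
const fakeToken = sign({ iss: 'facedab-auth-service', auth0Ident: ident, exp }, ownKey.privateKey);
```

Because each issuer maps to exactly one key, a token signed with our key but claiming the Auth0 issuer fails verification instead of being accepted on the strength of either trusted key.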