JWT Authorization in GRAPHQL using Golang. a. Even though this is a GraphQL API, we’re still going to have a RESTful endpoint for signing users in and returning a JWT. We’re doing is taking a username and password sent via the HTTP request and create a JWT token from it. Then we sign this token using our secret and return the signed token back as a response. Authorization in an application is through the use of JSON web tokens (JWT). Users authenticate with a service and the service responds with a JWT to be used in every future request so that way the password is kept safe.