As previously explained, the session-token is implemented using JSON Web Tokens (JWT). To protect routes, you need to validate the session-token by performing a JWT verification. This allows you to verify user authentication and take the appropriate actions. Corbado simplifies this process by providing Integration Guides and Backend SDKs for a variety of programming languages and frameworks:

Integration Guides

Backend SDKs
To understand how to pass the session-token through your system in different scenarios please read the next section on Token Handling.