In the age of micro services and applications that are build from many distributed components and need to take care for aspects like CSRF and CORS, session cookies are not practicable anymore. Tokens promise to be a silverbullet. JWT (JSON Web Token) aims to simplify the usage of authentication tokens in modern application landscapes. This talks shows if tokens can fulfill that promise and keep up the web applications taste even when cookies are missing.