JWT authentication works by issuing a signed token to a trusted identity and validating that token on every request instead of re-authenticating the user.