Token Based Security, OAuth 2.0, OIDC and IdentityServer4 – Part 2

Introduction: In the previous post, we learned that OAuth is an authorization framework specially built for HTTP APIs. It allows a user to securely delegate scoped API access to an application. Scoped access means that the user defines exactly which parts of an API they want the application to be allowed to use. This application can then …

Token Based Security, OAuth 2.0, OIDC and IdentityServer4

Introduction: We all know the username/password mechanism for logging in to a web application. We may also have heard of, used or implemented authentication/authorization systems, with or without frameworks. Token-based security is one of the common mechanisms to secure backend APIs. A common architecture for web applications typically consists of a web client app (e.g. an Angular or …