JSON Web Tokens vs OAuth 2.0

📄 Table of Contents

◉ Brief introduction to JWT

TL;DR: What are they good for?

◉ Using JWT for API authentication

JWT (JSON Web Token)

JSON Web Token (JWT) is a compact, URL-safe means of representing
claims to be transferred between two parties.
A JWT token is composed of a header, a payload, and a signature and has the format header.payload.signature.
Header:

    {
      "alg": "HS256",
      "typ": "JWT"
    }

Payload:

    {
      "sub": "1234567890",
      "name": "John Doe",
      "admin": true
    }

Signature:

    HMACSHA256(
      base64UrlEncode(header) + "." +
      base64UrlEncode(payload),
      secret
    )

Encoded token:

    eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
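The following is an added example, not code from the original article: it builds the header.payload.signature token described above with HS256 and verifies it the way a server should, pinning the algorithm and comparing the HMAC in constant time before trusting any claim. The function names and the SECRET value are assumptions made for this illustration; the header and payload are the ones shown above.

```python
import base64
import hashlib
import hmac
import json

# Header and payload are the page's example; SECRET is a constructed demo key.
HEADER = {"alg": "HS256", "typ": "JWT"}
PAYLOAD = {"sub": "1234567890", "name": "John Doe", "admin": True}
SECRET = b"constructed-demo-key-not-from-the-page"


def b64url_encode(data: bytes) -> str:
    # JWT uses base64url without '=' padding.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(segment: str) -> bytes:
    # Restore the padding that the compact form strips.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def sign_hs256(header: dict, payload: dict, secret: bytes) -> str:
    segments = [b64url_encode(json.dumps(part, separators=(",", ":")).encode())
                for part in (header, payload)]
    mac = hmac.new(secret, ".".join(segments).encode("ascii"), hashlib.sha256)
    return ".".join(segments + [b64url_encode(mac.digest())])


def verify_hs256(token: str, secret: bytes) -> dict:
    """Return the payload claims, or raise ValueError if the token is rejected."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    header_seg, payload_seg, sig_seg = parts
    header = json.loads(b64url_decode(header_seg))
    # Pin the algorithm on the verifier side; never let the token pick it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    signing_input = f"{header_seg}.{payload_seg}".encode("ascii")
    expected = hmac.new(secret, signing_input, hashlib.sha256).digest()
    # Constant-time comparison, and only then is the payload parsed.
    if not hmac.compare_digest(expected, b64url_decode(sig_seg)):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(payload_seg))


if __name__ == "__main__":
    token = sign_hs256(HEADER, PAYLOAD, SECRET)
    print(token)
    print(verify_hs256(token, SECRET))
```

The payload is only base64url-encoded, not encrypted, so anyone holding the token can read its claims; the signature protects integrity, not confidentiality.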
Simple procedure on JWT token generation and validation at the same server

◉ Store JWTs securely

Using JWT to securely exchange information between two servers

◉ Authentication vs Authorization

◉ What is OAuth

◉ OAuth Grant Types

◉ OAuth 2.0

Workflow of OAuth 2.0

Tokens

How is JWT related to OAuth?

Difference between JWT and OAuth

◉ 3 Ways to Secure Your Web API for Different Situations

Summary
