ASP Net Rest API – Authenticate – JWT

Not everything should be available to everyone, and some things need to be tied to the user making the request. So let's now add authentication.

The most commonly used technique for this at present is JSON Web Token (JWT).
JWT means that, after authentication, the user is given a small JSON object, a.k.a. a token, that contains basic information about the user. This token is then sent by the user with every request, and the server just reads it and takes the information out of it.

The awesome part is that the user holds the key: if multiple services are offered, the user just uses this key over and over, and the services can directly use the data within it.

BUT, you may ask: trusting data from the user is the biggest risk and a nightmare for security!
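
A JWT addresses that concern by carrying a signature over its header and payload, so the server only reads claims it can prove it issued. The sketch below is an added example, not code from the original post: it uses only the .NET base class library (.NET 6 or later assumed), fixes the algorithm to HS256, and the class name, key and claims are constructed for illustration. Expiry and audience checks are left out to keep the focus on the signature.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
static class JwtDemo
{
    // base64url without padding, the encoding JWT uses for all three parts
    static string B64Url(byte[] data) =>
        Convert.ToBase64String(data).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    static byte[] FromB64Url(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }
    // HMAC-SHA256 over "header.payload" with a key only the server knows
    static byte[] Sign(string input, byte[] key) =>
        HMACSHA256.HashData(key, Encoding.ASCII.GetBytes(input));

    static string Issue(object claims, byte[] key)
    {
        string header = B64Url(Encoding.UTF8.GetBytes("{\"alg\":\"HS256\",\"typ\":\"JWT\"}"));
        string input = header + "." + B64Url(JsonSerializer.SerializeToUtf8Bytes(claims));
        return input + "." + B64Url(Sign(input, key));
    }

    // The algorithm is fixed to HS256 here; the token's own "alg" header is never trusted.
    static bool TryValidate(string token, byte[] key, out string payloadJson)
    {
        payloadJson = "";
        string[] parts = token.Split('.');
        if (parts.Length != 3) return false;
        byte[] actual;
        try { actual = FromB64Url(parts[2]); } catch (FormatException) { return false; }
        if (!CryptographicOperations.FixedTimeEquals(Sign(parts[0] + "." + parts[1], key), actual)) return false;
        payloadJson = Encoding.UTF8.GetString(FromB64Url(parts[1]));
        return true;
    }

    static void Main()
    {
        byte[] key = RandomNumberGenerator.GetBytes(32); // constructed secret, stays on the server
        string token = Issue(new { sub = "alice", role = "user" }, key); // constructed claims
        Console.WriteLine(TryValidate(token, key, out string ok) ? ok : "rejected");
        string[] p = token.Split('.');
        // Same token with an edited payload: the old signature no longer matches.
        string edited = B64Url(JsonSerializer.SerializeToUtf8Bytes(new { sub = "alice", role = "admin" }));
        string forged = p[0] + "." + edited + "." + p[2];
        Console.WriteLine(TryValidate(forged, key, out string bad) ? bad : "rejected");
    }
}
```

The untouched token validates and its claims are printed; the edited one is rejected because the user never holds the signing key.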
