We have a simple requirement at this time to replace username/password authentication on our web services with authentication using a token. Our customers do not want their web services to be disrupted by password policy that requires changing a password every n months for example. We are doing wo…

The JWT being provided is already an access token so in general issuing another access token upon initial presentation of the JWT seems that it would not bring much to the table. However, it always depends on the exact details. What you described is an authentication system based on bearer access t…

Advisability of using a JWT with a custom implementation for token issuance?

JWT.io

Topic		Replies	Views
JWT best practice and understanding JWT.io	4	2821	March 19, 2022
Verifying JWT in browser using public key JWT.io	2	4348	September 27, 2022
JWT Authentication in the context of JAX-RS REST service JWT.io jwt	2	4813	March 2, 2018
Problem validating JWT with X509 cert/pubkey from /jwks JWT.io api , certificate , jwt-validation	12	23851	November 8, 2022
Explanation of the JWT Signature Verification Process JWT.io	2	5178	August 22, 2019

Advisability of using a JWT with a custom implementation for token issuance?

Related topics