Authentication and Authorization

Sep 15, 2016, updated Aug 11, 2019 DevOps

JWT

JSON Web Tokens (JWT) are a more modern approach to authentication. As the web moves to a greater separation between the client and server, JWT provides a wonderful alternative to traditional cookie based authentication models.

Good Articles:

OAuth2

(Authorization) OAuth2 is an authorization mechanism (i.e. allows you to check that a token is valid and has a specific set of scopes granted) An Introduction to OAuth 2

OpenID Connect

(Authentication and Authorization) OpenID Connect is just an authentication layer built on top of OAuth2. It is a standards specifications and there are a lot of implementations for this standard.

OpenID Connect Specifications

Other products:

References: