Don’t roll your own auth. In 2021, securing an API means efficiently implementing OAuth2/OIDC validation for JWT tokens.

The Theory

Your API should not handle login. A separate Identity Provider (IdP) – like Azure AD, Auth0, or IdentityServer – issues a standard JWT Access Token. Your API’s only job is to validate the signature and […]